C:\Users\user\AppData\Local\Temp\munoqplx.dll
File size: 93184 bytes
MD5...: e8e476362eaeaeaec8d76a80f918c257
SHA1..: dc783f52267eafbbc60496a894276bf56ce1110e
SHA256: 436b049a266bf03637067dacac9540fe97f79dac8fe9ce588b079842d3e55e35
SHA512: 9535b8196b405dc239966a6be51b400124ad0bde1c2cfcf6955145277ea44b3d3c8a5163f08e540169f25677a4f62c426389b05998aca58f309bdca8d8444411
PEiD..: Armadillo v1.xx - v2.xx
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x100016bd
timedatestamp.....: 0x486b4ed7 (Wed Jul 02 09:48:07 2008)
machinetype.......: 0x14c (I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3000 0x3000 4.37 f4af1a7819e16afbae40aa05c94ea696
.reloc 0x4000 0x1000 0x600 4.12 5523f1dbdee3ad6d781cfd33dd7eeaca
.rsrc 0x5000 0x2000 0x1800 7.97 cca692666d81b562be3e9b87d00f1657
.code 0x7000 0x1000 0xc00 7.93 0fbbf2d96391f5b7f8e81ca1738fd1cd
.data 0x8000 0x8000 0x7400 7.99 49c222a31ffdb864bca0884de18ca921
.code 0x10000 0x16000 0x8000 7.97 231a38bb34632a45b25e87d867de1b09
( 1 imports )
> user32.dll: BeginPaint, CheckMenuRadioItem, CheckRadioButton, CopyIcon, CreateMenu, CreateWindowExA, DestroyCursor, DestroyIcon, DestroyWindow, EndPaint, ExitWindowsEx, FindWindowExA, GetCapture, GetCursorPos, GetDC, GetDesktopWindow, GetSystemMetrics, GetWindow, GetWindowDC, GetWindowTextA, GetWindowTextLengthA, InvalidateRect, IsWindow, KillTimer, LoadCursorA, LoadIconA, LoadIconA, LoadStringA, MessageBoxA, SetWindowPos, ShowWindow, SystemParametersInfoA, TranslateMessage, UpdateWindow, ValidateRect, WaitMessage, wvsprintfA
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E63D98A10030701B6CC4018107D805005F0280D8
C:\Users\user\AppData\Local\Temp\xxyxXnki.dll
File size: 318720 bytes
MD5...: 68f1e202aa0eed6dd2c73b1318a93613
SHA1..: 02a00e21f9d69a120e7568ffe1f32a585ce863fe
SHA256: 7dea3d053d090b80af91182c9c2549590695a6968a547d30adbc3c72c7ab4418
SHA512: cce9efd5e22b20faf88997bd8c930f740b1501acba1085aaee91f333f742732a5c6e21ca71114f582f5011ce0e26e707c587b3e07844c5bc578e3bd13f8743fa
PEiD..: Armadillo v1.xx - v2.xx
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1000136f
timedatestamp.....: 0x485f54bd (Mon Jun 23 07:46:05 2008)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2000 0x2000 5.36 715bd33bbe9526eb05838f25d86ed2a6
.data 0x3000 0x1000 0x600 4.86 928b679ff186b40c5e1c5d532d3013f2
CODE 0x4000 0x17000 0x16e00 8.00 34dfa8123118df37b77c649f02fc7f6d
.code 0x1b000 0x15000 0x14c00 8.00 facc9b6c065e7ec3f196e8259add3877
.reloc 0x30000 0x6d000 0x1f900 8.00 cb333e43977fdf886050f332c4ca759e
( 1 imports )
> user32.dll: BeginPaint, CreateMenu, CreateWindowExA, DestroyCursor, DestroyWindow, EndPaint, EndPaint, ExitWindowsEx, FindWindowExA, GetCapture, GetCursorPos, GetDC, GetDesktopWindow, GetSystemMetrics, GetWindow, GetWindowDC, GetWindowTextA, GetWindowTextLengthA, InvalidateRect, IsWindow, KillTimer, LoadCursorA, LoadIconA, LoadStringA, MessageBoxA, PeekMessageA, PostMessageA, PostQuitMessage, RegisterClassA, ReleaseCapture, ReleaseDC, SendMessageA, SetCursor, SetForegroundWindow, SetMenu, SetMenuItemInfoA, SetPropA, SetScrollPos, SetScrollRange, SetSysColors, SetTimer, SetWindowLongA, SetWindowPos, ShowWindow, SystemParametersInfoA, TranslateMessage, UpdateWindow, ValidateRect, WaitMessage, wvsprintfA
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E5EFA2F600C17BF7DDD604ADD30E5B00AE8C1741
C:\Users\user\AppData\Local\Temp\jkkJawtr.dll
File size: 28288 bytes
MD5...: d00b9b58f8f91b39a8e21795fba707ae
SHA1..: 0c57183bd00c7f7e7f6b0af181d89e42f4930317
SHA256: 008f6c7db29a9ba2ee165180f09ff1edc5e1183c401faf354c0a1033c08a65c4
SHA512: 4af3d8780539f4d799cbd643ddb9892444a42df8483158fb27f8cd51bfaa92d1e0e785f2e5c92b42eb38314957c700a2f933b67c09365bf526f67f02901fb5aa
PEiD..: Armadillo v1.xx - v2.xx
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x100012a5
timedatestamp.....: 0x4821945b (Wed May 07 11:36:59 2008)
machinetype.......: 0x14c (I386)
( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2000 0x2000 5.27 411556fafa00018d48d2261025c4c6ae
.rsrc 0x3000 0x1000 0x400 3.65 c3721dfca6de0ec7fa87c823194af350
.data 0x4000 0x1000 0x600 7.86 a8f6466feaabd1c7fc15881a7745e81a
.text 0x5000 0x1000 0xa00 7.92 6ec1b01e62aa382c2f2ed34019c56608
.idata 0x6000 0x1000 0x400 7.79 c2a38c5ba340d7b4be56c2f18b7f7cfd
.reloc 0x7000 0x1000 0xc00 7.93 af0fdeed3355560cdac55192899659a6
CODE 0x8000 0x1000 0x200 7.59 802e0da99795749576e206ae6b0af15c
.rsrc 0x9000 0x1000 0x1000 7.95 7b835a69b05dcd3e89927b884d28207e
BSS 0xa000 0x6000 0x1480 7.69 eedd7cee1d514f12767477055ed24246
( 1 imports )
> user32.dll: BeginPaint, EndPaint, GetDesktopWindow, GetWindowTextA, GetWindowTextLengthA, InvalidateRect, IsWindow, KillTimer, LoadCursorA, LoadIconA, LoadStringA, MessageBoxA, PeekMessageA, PostMessageA, PostQuitMessage
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=D4B3189080C304FF6E74002DDDE82A00ECEF19A5