Analysis Date: 2013-12-15 05:25:07
MD5: 843d59d99da97d6ef03696445b03cf7f
SHA1: 316b098039f875feb65249ab5e1398a8e8892141

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section: .text md5: b4421710129e406dbf6b5569c52de11d sha1: e1e15730abcd7d9cd17e4d494aca1cdcdf6aa529 size: 24576
Section: .rdata md5: 1d8d6439b6176660871cf9bab3e2b00f sha1: 6b609e1665ee74933d0df55141a00b60ea619a1e size: 4096
Section: .data md5: 762e691a32b2e718d479509ddbb17f22 sha1: e91ae047aa33b5ca82c12284ef9349babba4fd84 size: 4096
Section: .rsrc md5: ace8944adb69a26055a3be387539664d sha1: e45d29275551cc39b9145dac544680329ed44c05 size: 98304
Timestamp: 2009-10-14 12:45:54
PEhash: 967f4c9f231c83d0496f746fcf1da3a4f74faa3b
AV avg: Win32/Sality
AV msse: Trojan:Win32/Brambul.A
AV avira: W32/Sality.AT
AV clamav: Trojan.Spy-78857
AV mcafee: W32/Sality.gen.z

Runtime Details:

Process
↳ C:\malware.exe

Registry: HKEY_CURRENT_USER\Software\Aasppapmmxkvs\A1_0 ➝ 3026290652
Registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA ➝ NULL
Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\AntiVirusOverride ➝ 1
Registry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden ➝ 2
Registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall ➝ NULL
Registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\malware.exe ➝ C:\malware.exe:*:Enabled:ipsec
Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride ➝ 1
Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\GlobalUserOffline ➝ NULL
Registry: HKEY_CURRENT_USER\Software\Aasppapmmxkvs\-993627007\1768776769 ➝ 208
Creates File: PIPE\DAV RPC SERVICE
Creates File: PIPE\wkssvc
Creates File: PIPE\lsarpc
Creates File: \Device\Afd\Endpoint
Creates File: C:\WINDOWS\SYSTEM.INI
Creates File: \Device\Afd\AsyncConnectHlp
Creates Mutex: uxJLpe1m
Creates Mutex: spoolsv.exeM_1292_
Creates Mutex: services.exeM_616_
Creates Mutex: svchost.exeM_1016_
Creates Mutex: csrss.exeM_548_
Creates Mutex: svchost.exeM_848_
Creates Mutex: svchost.exeM_800_
Creates Mutex: lsass.exeM_628_
Creates Mutex: smss.exeM_500_
Creates Mutex: winlogon.exeM_572_
Creates Mutex: svchost.exeM_1108_
Creates Mutex: svchost.exeM_1204_

Network Details:

DNS: gmail.com
Type: MX

Raw Pcap
0x000000e0 (00224)   3434352c 3134332e 31372e33 312e3131   445,143.17.31.11
0x000000f0 (00240)   383a3434 352c3135 312e3435 2e313639   8:445,151.45.169
0x00000100 (00256)   2e313a34 34352c73 63616e20 74797065   .1:445,scan type
0x00000110 (00272)   3a205359 4e                           : SYN

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20323130 2e35312e   0..Host: 210.51.
0x00000060 (00096)   3234372e 310d0a43 6f6e7465 6e742d4c   247.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 2e313a38 302c3137 322e3136   .....1:80,172.16
0x000000a0 (00160)   372e3630 2e323432 3a343435 2c323130   7.60.242:445,210
0x000000b0 (00176)   2e313036 2e36352e 313a3434 352c3139   .106.65.1:445,19
0x000000c0 (00192)   312e3135 332e3135 332e323a 3434352c   1.153.153.2:445,
0x000000d0 (00208)   3232302e 3137372e 3138312e 313a3434   220.177.181.1:44
0x000000e0 (00224)   352c3231 302e3134 312e3834 2e313a38   5,210.141.84.1:8
0x000000f0 (00240)   302c3231 302e3135 332e3131 342e3430   0,210.153.114.40
0x00000100 (00256)   3a343435 2c736361 6e207479 70653a20   :445,scan type: 
0x00000110 (00272)   53594e                                SYN

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20323130 2e313837   0..Host: 210.187
0x00000060 (00096)   2e32392e 310d0a43 6f6e7465 6e742d4c   .29.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 4d540d0a 0d0a70a7 ff7f       ....MT....p...

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2039382e 31302e34   0..Host: 98.10.4
0x00000060 (00096)   322e310d 0a436f6e 74656e74 2d4c656e   2.1..Content-Len
0x00000070 (00112)   6774683a 20300d0a 436f6e6e 65637469   gth: 0..Connecti
0x00000080 (00128)   6f6e3a20 4b656570 2d416c69 76650d0a   on: Keep-Alive..
0x00000090 (00144)   0d0a2e31 3a343435 2c323130 2e313837   ...1:445,210.187
0x000000a0 (00160)   2e32392e 313a3830 2c313034 2e31342e   .29.1:80,104.14.
0x000000b0 (00176)   3130372e 323a3434 352c3237 2e372e35   107.2:445,27.7.5
0x000000c0 (00192)   332e313a 3434352c 3132362e 37322e31   3.1:445,126.72.1
0x000000d0 (00208)   31382e32 33343a34 34352c39 382e3130   18.234:445,98.10
0x000000e0 (00224)   2e34322e 313a3830 2c38382e 362e3631   .42.1:80,88.6.61
0x000000f0 (00240)   2e313a34 34352c73 63616e20 74797065   .1:445,scan type
0x00000100 (00256)   3a205359 4e                           : SYN

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20313433 2e31372e   0..Host: 143.17.
0x00000060 (00096)   33312e31 0d0a436f 6e74656e 742d4c65   31.1..Content-Le
0x00000070 (00112)   6e677468 3a20300d 0a436f6e 6e656374   ngth: 0..Connect
0x00000080 (00128)   696f6e3a 204b6565 702d416c 6976650d   ion: Keep-Alive.
0x00000090 (00144)   0a0d0a47 4d540d0a 0d0a                ...GMT....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20313531 2e34352e   0..Host: 151.45.
0x00000060 (00096)   3136392e 310d0a43 6f6e7465 6e742d4c   169.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a                              ....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20313334 2e313936   0..Host: 134.196
0x00000060 (00096)   2e313231 2e310d0a 436f6e74 656e742d   .121.1..Content-
0x00000070 (00112)   4c656e67 74683a20 300d0a43 6f6e6e65   Length: 0..Conne
0x00000080 (00128)   6374696f 6e3a204b 6565702d 416c6976   ction: Keep-Aliv
0x00000090 (00144)   650d0a0d 0a                           e....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2032322e 33362e31   0..Host: 22.36.1
0x00000060 (00096)   38322e31 0d0a436f 6e74656e 742d4c65   82.1..Content-Le
0x00000070 (00112)   6e677468 3a20300d 0a436f6e 6e656374   ngth: 0..Connect
0x00000080 (00128)   696f6e3a 204b6565 702d416c 6976650d   ion: Keep-Alive.
0x00000090 (00144)   0a0d0a38 362e323a 3434352c 3231302e   ...86.2:445,210.
0x000000a0 (00160)   3132342e 3132372e 313a3434 352c3237   124.127.1:445,27
0x000000b0 (00176)   2e37372e 38362e32 3a343435 2c32372e   .77.86.2:445,27.
0x000000c0 (00192)   372e3533 2e313a34 34352c31 38392e35   7.53.1:445,189.5
0x000000d0 (00208)   382e3134 2e313a38 302c3239 2e31372e   8.14.1:80,29.17.
0x000000e0 (00224)   39372e32 3a343435 2c313832 2e32392e   97.2:445,182.29.
0x000000f0 (00240)   3135302e 3138373a 3434352c 7363616e   150.187:445,scan
0x00000100 (00256)   20747970 653a2053 594e                 type: SYN

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20313131 2e35372e   0..Host: 111.57.
0x00000060 (00096)   3132372e 310d0a43 6f6e7465 6e742d4c   127.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a                              ....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20323130 2e39352e   0..Host: 210.95.
0x00000060 (00096)   3130332e 310d0a43 6f6e7465 6e742d4c   103.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 2e34383a 3434352c 3135322e   .....48:445,152.
0x000000a0 (00160)   36392e32 2e313a34 34352c31 30362e31   69.2.1:445,106.1
0x000000b0 (00176)   36312e31 36332e32 3a343435 2c313839   61.163.2:445,189
0x000000c0 (00192)   2e35382e 31342e32 3a343435 2c323131   .58.14.2:445,211
0x000000d0 (00208)   2e323135 2e313135 2e323a34 34352c31   .215.115.2:445,1
0x000000e0 (00224)   34342e31 32322e39 322e313a 3434352c   44.122.92.1:445,
0x000000f0 (00240)   3132312e 3231352e 3232392e 38313a34   121.215.229.81:4
0x00000100 (00256)   34352c73 63616e20 74797065 3a205359   45,scan type: SY
0x00000110 (00272)   4e                                    N

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20313937 2e313333   0..Host: 197.133
0x00000060 (00096)   2e35312e 310d0a43 6f6e7465 6e742d4c   .51.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 4d540d0a 0d0a                ....MT....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2032302e 3133342e   0..Host: 20.134.
0x00000060 (00096)   3139342e 310d0a43 6f6e7465 6e742d4c   194.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 2e313a34 34352c31 37332e39   .....1:445,173.9
0x000000a0 (00160)   332e3137 302e3839                     3.170.89

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2038372e 31332e32   0..Host: 87.13.2
0x00000060 (00096)   33362e31 0d0a436f 6e74656e 742d4c65   36.1..Content-Le
0x00000070 (00112)   6e677468 3a20300d 0a436f6e 6e656374   ngth: 0..Connect
0x00000080 (00128)   696f6e3a 204b6565 702d416c 6976650d   ion: Keep-Alive.
0x00000090 (00144)   0a0d0a47 4d540d0a 0d0a3139 312e3135   ...GMT....191.15
0x000000a0 (00160)   332e3135 332e323a 3434352c 3134332e   3.153.2:445,143.
0x000000b0 (00176)   31372e33 312e313a 38302c32 31302e31   17.31.1:80,210.1
0x000000c0 (00192)   35332e31 31342e31 3a343435 2c313232   53.114.1:445,122
0x000000d0 (00208)   2e323532 2e313336 2e323a34 34352c31   .252.136.2:445,1
0x000000e0 (00224)   35312e34 352e3136 392e313a 38302c32   51.45.169.1:80,2
0x000000f0 (00240)   32302e31 37372e31 38312e31 3a343435   20.177.181.1:445
0x00000100 (00256)   2c736361 6e207479 70653a20 53594e     ,scan type: SYN

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 20323130 2e313637   0..Host: 210.167
0x00000060 (00096)   2e39382e 310d0a43 6f6e7465 6e742d4c   .98.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 0a540d0a 0d0a                .....T....

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2033302e 352e3135   0..Host: 30.5.15
0x00000060 (00096)   392e310d 0a436f6e 74656e74 2d4c656e   9.1..Content-Len
0x00000070 (00112)   6774683a 20300d0a 436f6e6e 65637469   gth: 0..Connecti
0x00000080 (00128)   6f6e3a20 4b656570 2d416c69 76650d0a   on: Keep-Alive..
0x00000090 (00144)   0d0a332e 3161                         ..3.1a

0x00000000 (00000)   4f505449 4f4e5320 2f204854 54502f31   OPTIONS / HTTP/1
0x00000010 (00016)   2e310d0a 7472616e 736c6174 653a2066   .1..translate: f
0x00000020 (00032)   0d0a5573 65722d41 67656e74 3a204d69   ..User-Agent: Mi
0x00000030 (00048)   63726f73 6f66742d 57656244 41562d4d   crosoft-WebDAV-M
0x00000040 (00064)   696e6952 65646972 2f352e31 2e323630   iniRedir/5.1.260
0x00000050 (00080)   300d0a48 6f73743a 2033372e 3137302e   0..Host: 37.170.
0x00000060 (00096)   3136322e 310d0a43 6f6e7465 6e742d4c   162.1..Content-L
0x00000070 (00112)   656e6774 683a2030 0d0a436f 6e6e6563   ength: 0..Connec
0x00000080 (00128)   74696f6e 3a204b65 65702d41 6c697665   tion: Keep-Alive
0x00000090 (00144)   0d0a0d0a 4d540d0a 0d0a6430 61202020   ....MT....d0a   
0x000000a0 (00160)   20202020 20202020 20202020 20202020                   
0x000000b0 (00176)   20202020 20202020 2020202e 2e2e2e0a              .....
0x000000c0 (00192)                                         


Strings