sub_outside():
KERNEL32.GetVersion
KERNEL32.GetCommandLineA
KERNEL32.GetStartupInfoA
KERNEL32.GetModuleHandleA
KERNEL32.VirtualFree
|
sub_401583(00ab):
USER32.wsprintfA
KERNEL32.Sleep
"\\\\%s\\ipc$"
|
sub_40126C(04e2):
KERNEL32.lstrcpyA
USER32.wsprintfA
KERNEL32.Sleep
|
sub_403BD6(06bc):
KERNEL32.GetCPInfo
|
sub_401F4B(0801):
KERNEL32.GetCurrentThread
KERNEL32.SetThreadPriority
KERNEL32.Sleep
USER32.wsprintfA
KERNEL32.GetModuleFileNameA
KERNEL32.WinExec
"%i.%i.%i.%i"
" "
|
sub_40137D(0975):
KERNEL32.lstrcpyA
USER32.wsprintfA
"\\\\%s\\ipc$"
"%s%c"
|
sub_404663(0e35):
KERNEL32.LoadLibraryA
KERNEL32.GetProcAddress
USER32.GetActiveWindow
USER32.GetLastActivePopup
USER32.MessageBoxA
"user32.dll"
"MessageBoxA"
"GetActiveWindow"
"GetLastActivePopup"
|
sub_402F48(18d1):
KERNEL32.GetModuleFileNameA
|
sub_4010D2(2796):
KERNEL32.lstrcpyA
"127.0.0.1"
|
sub_401210(2e64):
KERNEL32._lcreat
KERNEL32._llseek
KERNEL32._lwrite
KERNEL32._lclose
"c:\\ftplog.txt"
"\r\n"
|
sub_402CB3(2f2e):
KERNEL32._lread
KERNEL32.UnhandledExceptionFilter
|
sub_401B59(38d2):
USER32.wsprintfA
KERNEL32.GetModuleFileNameA
KERNEL32._lopen
KERNEL32._lread
KERNEL32._lclose
"USER"
"PASS"
"PORT"
"%i.%i.%i.%i"
"RETR"
"QUIT"
|
sub_4020D9(3ff3):
KERNEL32.GetTickCount
KERNEL32.CreateMutexA
NTDLL.RtlGetLastWin32Error
KERNEL32.CreateThread
KERNEL32.Sleep
USER32.MessageBoxA
"SkynetNotice"
"SkyNet"
"1. Your computer is affected by the MS0"...
|
sub_4047EE(547a):
KERNEL32.LCMapStringW
KERNEL32.LCMapStringA
KERNEL32.MultiByteToWideChar
KERNEL32.WideCharToMultiByte
|
sub_403472(55e5):
KERNEL32.HeapCreate
KERNEL32.HeapDestroy
|
sub_403E83(597c):
KERNEL32.VirtualFree
NTDLL.RtlFreeHeap
|
sub_403D77(5c3f):
NTDLL.RtlFreeHeap
|
sub_404568(64eb):
KERNEL32.VirtualAlloc
|
sub_401EC0(80c4):
KERNEL32.CreateThread
KERNEL32.Sleep
|
sub_40380C(81be):
KERNEL32.GetStringTypeW
KERNEL32.GetStringTypeA
KERNEL32.MultiByteToWideChar
|
sub_4034B0(8af0):
NTDLL.RtlUnwind
|
sub_403997(a8e4):
KERNEL32.GetOEMCP
KERNEL32.GetCPInfo
|
sub_402A49(af5c):
KERNEL32.ExitProcess
|
sub_4032C7(c890):
KERNEL32.GetStartupInfoA
KERNEL32.GetFileType
KERNEL32.GetStdHandle
KERNEL32.SetHandleCount
|
sub_4044B7(cbe8):
NTDLL.RtlReAllocateHeap
NTDLL.RtlAllocateHeap
KERNEL32.VirtualAlloc
NTDLL.RtlFreeHeap
|
sub_403195(dcdc):
KERNEL32.GetEnvironmentStringsW
KERNEL32.GetEnvironmentStringsA
KERNEL32.WideCharToMultiByte
KERNEL32.FreeEnvironmentStringsW
KERNEL32.FreeEnvironmentStringsA
|
sub_403E1A(e71f):
NTDLL.RtlAllocateHeap
|
sub_402C00(e781):
KERNEL32.GetCurrentProcess
KERNEL32.TerminateProcess
KERNEL32.ExitProcess
|
sub_40219B(f8d3):
KERNEL32.GetModuleFileNameA
KERNEL32.GetWindowsDirectoryA
KERNEL32.CopyFileA
"\\"
"SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...
"ssgrate.exe"
"drvsys.exe"
"Drvddll_exe"
|
sub_4036B9(fc50):
KERNEL32.GetModuleFileNameA
KERNEL32.GetStdHandle
KERNEL32.WriteFile
""
"..."
"Runtime Error!\n\nProgram: "
"\n\n"
"Microsoft Visual C++ Runtime Library"
|
sub_403DE4(fd6e):
NTDLL.RtlAllocateHeap
|