dialog
initDialog
show
Overview
overview
10Static
static
37ad39bfaf9...cs.exe
windows7-x64
107ad39bfaf9...cs.exe
windows10-2004-x64
10$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...nu.dll
windows7-x64
3$PLUGINSDI...nu.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3Delphi.NET...Acc.js
windows7-x64
3Delphi.NET...Acc.js
windows10-2004-x64
3Delphi.NET...Acc.js
windows7-x64
3Delphi.NET...Acc.js
windows10-2004-x64
3Delphi.NET...Acc.js
windows7-x64
3Delphi.NET...Acc.js
windows10-2004-x64
3Delphi.NET...Acc.js
windows7-x64
3Delphi.NET...Acc.js
windows10-2004-x64
3MemAcc.vbs
windows7-x64
1MemAcc.vbs
windows10-2004-x64
1MemAcc.chm
windows7-x64
1MemAcc.chm
windows10-2004-x64
1MemAcc.js
windows7-x64
3MemAcc.js
windows10-2004-x64
3MemAcc.pdf
windows7-x64
1MemAcc.pdf
windows10-2004-x64
1MemAcc.vbs
windows7-x64
1MemAcc.vbs
windows10-2004-x64
1Redist/MemAcc.sys
windows7-x64
1Redist/MemAcc.sys
windows10-2004-x64
1VB.NET/BIO...cc.vbs
windows7-x64
1VB.NET/BIO...cc.vbs
windows10-2004-x64
1Behavioral task
behavioral1
Sample
7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d_NeikiAnalytics.exe
Resource
win7-20240508-en
windows7-x64
18 signatures
150 seconds
Behavioral task
behavioral2
Sample
7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d_NeikiAnalytics.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
18 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20231129-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
Delphi.NET/BIOSData/Zeal.MemAcc.js
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral12
Sample
Delphi.NET/BIOSData/Zeal.MemAcc.js
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral13
Sample
Delphi.NET/Map/Zeal.MemAcc.js
Resource
win7-20240611-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral14
Sample
Delphi.NET/Map/Zeal.MemAcc.js
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral15
Sample
Delphi.NET/MemTest/Zeal.MemAcc.js
Resource
win7-20240611-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral16
Sample
Delphi.NET/MemTest/Zeal.MemAcc.js
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral17
Sample
Delphi.NET/PCI/Zeal.MemAcc.js
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral18
Sample
Delphi.NET/PCI/Zeal.MemAcc.js
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral19
Sample
MemAcc.vbs
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
MemAcc.vbs
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral21
Sample
MemAcc.chm
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral22
Sample
MemAcc.chm
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral23
Sample
MemAcc.js
Resource
win7-20231129-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral24
Sample
MemAcc.js
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral25
Sample
MemAcc.pdf
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral26
Sample
MemAcc.pdf
Resource
win10v2004-20240611-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral27
Sample
MemAcc.vbs
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral28
Sample
MemAcc.vbs
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral29
Sample
Redist/MemAcc.sys
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral30
Sample
Redist/MemAcc.sys
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral31
Sample
VB.NET/BIOSData/MemAcc.vbs
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral32
Sample
VB.NET/BIOSData/MemAcc.vbs
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d_NeikiAnalytics.exe
-
Size
733KB
-
MD5
0a1ad78b7445d452a8b9e30cc96f3e20
-
SHA1
0fb048733f46346a769a32a367e1d9341856899c
-
SHA256
7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d
-
SHA512
991be91a3a4eb44d31bc6f6cf638ee29aee42e8ea470b5ce546e63689f8cf874c377850239986b8f575ce947704028a6e2855c68c5726d8ccf9b7e5b974ffd08
-
SSDEEP
12288:baxvpA0aa6nJ6Jl3+4tdqoeBcVgaOZi85uGgGn47nX6SoJb0CbPcgIsHwrdU68qO:baQBnJgl3+42BcVtOZiDPG6KSm4CrcX8
Malware Config
Signatures
-
Unsigned PE 7 IoCs
Checks for missing Authenticode signature.
Processes:
resource 7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d_NeikiAnalytics.exe unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/StartMenu.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/UserInfo.dll unpack001/Redist/MemAcc.sys unpack001/Redist/x64/$R0 -
NSIS installer 1 IoCs
Processes:
resource yara_rule sample nsis_installer_1
Files
-
7ad39bfaf9ce17c54262523ec8c76e597f870b29226f40a10f8d4df03c308d4d_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
18bc6fa81e19f21156316b1ae696ed6b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
user32
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
57354bdeea3dfae6e948101add87501a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc
user32
GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA
gdi32
SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
Exports
Exports
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 954B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/StartMenu.dll.dll windows:4 windows x86 arch:x86
28d94e5199b88ad374b3cb2118e31a66
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA
user32
GetMessageA
IsDialogMessageA
PostMessageA
CallWindowProcA
TranslateMessage
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DispatchMessageA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
GetWindowLongA
gdi32
GetTextMetricsA
SelectObject
shell32
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
Exports
Exports
Init
Select
Show
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 460B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 494B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UserInfo.dll.dll windows:4 windows x86 arch:x86
48cfa0ea7e353e4a7dd23572da8374ef
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetVersion
GetCurrentThread
GetCurrentProcess
GetLastError
GlobalFree
CloseHandle
lstrcpynA
GlobalAlloc
advapi32
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken
Exports
Exports
GetAccountType
GetName
Sections
.text Size: 1024B - Virtual size: 573B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 45B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
CSBuilder/BIOSData/MemAcc.cs
-
CSBuilder/Map/MemAcc.cs
-
CSBuilder/MemTest/MemAcc.cs
-
CSBuilder/PCI/MemAcc.cs
-
Delphi.NET/BIOSData/Zeal.MemAcc.pas.js
-
Delphi.NET/Map/Zeal.MemAcc.pas.js
-
Delphi.NET/MemTest/Zeal.MemAcc.pas.js
-
Delphi.NET/PCI/Zeal.MemAcc.pas.js
-
LICENSE.TXT
-
MemAcc.bas.vbs
-
MemAcc.chm.chm
-
MemAcc.cs
-
MemAcc.lib
-
MemAcc.pas.js
-
MemAcc.pdf.pdf
-
http://Library43www.zealsoftstudio.com
-
http://Librarywww.zealsoftstudio.com
-
http://O.by
-
http://memacc.inc
-
http://public.bta.net.cn
-
http://www.checklistbox.com
-
http://www.microsoft.com/directx
-
http://www.zealsoft.com/upgrade/
-
http://www.zealsoftstudio.com
-
http://www.zealsoftstudio.com/memaccess/
-
http://www.zealsoftstudio.com/memaccess/�
-
http://www.zealsoftstudio.com/memaccess/.3.2Using
-
http://www.zealsoftstudio.com/memaccess/.3.4.1Dacris
-
http://www.zealsoftstudio.com/memaccess/We
-
http://www.zeasoftstudio.com/ntport/.
-
http://zealsoft.com
- Show all
-
-
MemAcc.vb.vbs
-
Memacc.h
-
ReadMe.txt
-
Redist/MEMACC.VXD
-
Redist/MemAcc.sys.sys windows:5 windows x86 arch:x86
fc5f24dd874081086a8803550256a943
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
F:\Products\MemAccess\Driver\sys\objfre\i386\MemAcc.pdb
Imports
ntoskrnl.exe
WRITE_REGISTER_ULONG
DbgPrint
READ_REGISTER_BUFFER_ULONG
WRITE_REGISTER_USHORT
READ_REGISTER_BUFFER_USHORT
RtlAppendUnicodeStringToString
ObfDereferenceObject
IoDeleteDevice
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoRegisterShutdownNotification
IoUnregisterShutdownNotification
IoCreateDevice
MmMapIoSpace
ZwUnmapViewOfSection
ZwClose
WRITE_REGISTER_UCHAR
ObReferenceObjectByHandle
ZwOpenSection
MmBuildMdlForNonPagedPool
MmSizeOfMdl
RtlIntegerToUnicodeString
memmove
KeBugCheckEx
READ_REGISTER_BUFFER_UCHAR
MmUnmapIoSpace
IoFreeMdl
IofCompleteRequest
RtlInitUnicodeString
ExFreePoolWithTag
ZwMapViewOfSection
ExAllocatePoolWithTag
hal
HalFreeCommonBuffer
HalAllocateCommonBuffer
HalSetBusDataByOffset
HalTranslateBusAddress
HalGetBusDataByOffset
HalGetAdapter
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 128B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.STL Size: 128B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 914B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Redist/memacc.reg
-
Redist/memaccvb6.reg
-
Redist/x64/$R0.sys windows:5 windows x86 arch:x86
fc5f24dd874081086a8803550256a943
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
F:\Products\MemAccess\Driver\sys\objfre\i386\MemAcc.pdb
Imports
ntoskrnl.exe
WRITE_REGISTER_ULONG
DbgPrint
READ_REGISTER_BUFFER_ULONG
WRITE_REGISTER_USHORT
READ_REGISTER_BUFFER_USHORT
RtlAppendUnicodeStringToString
ObfDereferenceObject
IoDeleteDevice
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoRegisterShutdownNotification
IoUnregisterShutdownNotification
IoCreateDevice
MmMapIoSpace
ZwUnmapViewOfSection
ZwClose
WRITE_REGISTER_UCHAR
ObReferenceObjectByHandle
ZwOpenSection
MmBuildMdlForNonPagedPool
MmSizeOfMdl
RtlIntegerToUnicodeString
memmove
KeBugCheckEx
READ_REGISTER_BUFFER_UCHAR
MmUnmapIoSpace
IoFreeMdl
IofCompleteRequest
RtlInitUnicodeString
ExFreePoolWithTag
ZwMapViewOfSection
ExAllocatePoolWithTag
hal
HalFreeCommonBuffer
HalAllocateCommonBuffer
HalSetBusDataByOffset
HalTranslateBusAddress
HalGetBusDataByOffset
HalGetAdapter
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 128B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.STL Size: 128B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 914B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Redist/x64/$SYSDIR/MemAcc.vxd
-
VB.NET/BIOSData/MemAcc.vb.vbs
-
VB.NET/Map/MemAcc.vb.vbs
-
VB.NET/MemTest/MemAcc.vb.vbs
-
VB.NET/PCI/MemAcc.vb.vbs
-
VCSharp/BIOSData/MemAcc.cs
-
VCSharp/Map/MemAcc.cs
-
VCSharp/MemTest/MemAcc.cs
-
VCSharp/PCI/MemAcc.cs
-
Zeal.MemAcc.pas.js
-
bcbmem.lib