Un-Pack Challenge << Class: Hard


aiwnjoo
10-06-2008, 04:42 PM
Hi everyone, got a quick challenge for anyone who wishes to take part. Please attempt to unpack or provide "secret" code to me; I just need to know how secure I am before I continue development/improvements.

* FDC.DLL is Win32 portable executable file (PE)
* Created 06.10.2008 at 18:50:56. Attribute Archive
* File size 243712 bytes
* Identificator.........: PE (+00)
* Machine...............: $014C (Intel 386)
* Count of sections.....: $0005
* Time/Date stamp.......: $4867E689
* Symbol table pointer..: $00000000
* Number of symbols.....: $00000000
* Optional header size..: $00E0
* Flags.................: $2102
* Magic optional header.: $010B
* Linker version........: 8.0
* Code size.............: $00030E00
* Size of init data.....: $0000A600
* Size of uninit data...: $00000000
* Entry point RVA.......: $00015F9F
* Base of code..........: $00001000
* Base of data..........: $00032000
* Image base............: $10000000
* Section alignment.....: $00001000
* File alignment........: $00000200

AhnLab-V3 2008.10.3.2 2008.10.06 -
AntiVir 7.8.1.34 2008.10.06 -
Authentium 5.1.0.4 2008.10.06 -
Avast 4.8.1248.0 2008.10.05 -
AVG 8.0.0.161 2008.10.06 -
BitDefender 7.2 2008.10.06 -
CAT-QuickHeal 9.50 2008.10.06 -
ClamAV 0.93.1 2008.10.06 -
DrWeb 4.44.0.09170 2008.10.06 -
eSafe 7.0.17.0 2008.10.05 -
eTrust-Vet 31.6.6131 2008.10.06 -
Ewido 4.0 2008.10.06 -
F-Prot 4.4.4.56 2008.10.06 -
F-Secure 8.0.14332.0 2008.10.06 -
Fortinet 3.113.0.0 2008.10.06 -
GData 19 2008.10.06 -
Ikarus T3.1.1.34.0 2008.10.06 -
K7AntiVirus 7.10.486 2008.10.06 -
Kaspersky 7.0.0.125 2008.10.06 -
McAfee 5398 2008.10.04 -
Microsoft 1.4005 2008.10.06 -
NOD32 3497 2008.10.06 -
Norman 5.80.02 2008.10.06 -
Panda 9.0.0.4 2008.10.06 -
PCTools 4.4.2.0 2008.10.06 -
Prevx1 V2 2008.10.06 -
Rising 20.65.02.00 2008.10.06 -
SecureWeb-Gateway 6.7.6 2008.10.06 -
Sophos 4.34.0 2008.10.06 -
Sunbelt 3.1.1706.1 2008.10.06 -
Symantec 10 2008.10.06 -
TheHacker 6.3.1.0.102 2008.10.06 -
TrendMicro 8.700.0.1004 2008.10.06 -
VBA32 3.12.8.6 2008.10.05 -
ViRobot 2008.10.6.1408 2008.10.06 -
VirusBuster 4.5.11.0 2008.10.06 -
Additional information
File size: 243712 bytes
MD5...: 602c2c96fbe6e420de85fda052ef504d
SHA1..: f0945d272511ba7d6e67ee1c4470827cd675511c
SHA256: 8011f05554972914a946141fbcb677e6a7bf4bfcba3cce4d5405a8ceeec820bb
SHA512: eef78e52ca3fc9a730f0925065e8bb77119abe247b39c7fddda745917bdf2a9c7b4c2f2e6158e7601bf885df88d732ca2f3bea7c46296cea4f487062482fd764
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10015f9f
timedatestamp.....: 0x4867e689 (Sun Jun 29 19:46:17 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x30dc5 0x30e00 6.59 79108915458235661b66612027bb87db
.rdata 0x32000 0x6034 0x6200 5.82 362c4075d4f6323ae8110f873a95e1f8
.data 0x39000 0xc704 0x2000 2.83 30d7782cd5c2b0b9f6487dfa271198d8
.rsrc 0x46000 0xb0 0x200 4.11 6dc87d26a7b8d163206f8cbef3942758
.reloc 0x47000 0x2018 0x2200 6.49 23606c8c69e2e8986e762ad7b23ab4c3

( 1 imports )
> KERNEL32.dll: CreateFileA, GetFileSize, SetFilePointer, GetWindowsDirectoryA, ReadProcessMemory, ReadFile, GetSystemDirectoryA, CloseHandle, OpenSemaphoreA, VirtualQueryEx, OpenProcess, GetProcAddress, GetModuleHandleA, GetCurrentProcessId, GetCurrentProcess, FlushInstructionCache, VirtualProtect, GetVersionExA, FreeLibrary, LoadLibraryA, PeekNamedPipe, WaitForSingleObject, SetEvent, IsBadReadPtr, WriteFile, TerminateThread, GetLastError, GetExitCodeThread, CreateThread, QueryDosDeviceA, GetLogicalDriveStringsA, HeapFree, HeapAlloc, HeapReAlloc, GetSystemTimeAsFileTime, GetCurrentThreadId, GetCommandLineA, GetProcessHeap, RaiseException, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThread, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapDestroy, HeapCreate, VirtualFree, DeleteCriticalSection, LeaveCriticalSection, FatalAppExitA, EnterCriticalSection, VirtualAlloc, ExitProcess, GetStdHandle, GetModuleFileNameA, HeapSize, Sleep, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, QueryPerformanceCounter, GetTickCount, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, InitializeCriticalSection, RtlUnwind, SetConsoleCtrlHandler, InterlockedExchange, GetConsoleCP, GetConsoleMode, GetTimeZoneInformation, GetLocaleInfoW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, FlushFileBuffers, CompareStringA, CompareStringW, SetEnvironmentVariableA

( 6 exports )
DwStatus, Enter3, Shutdown, Startup2, Startup3, StartupData


http://www.mediafire.com/?yezbwjenddm

Enjoy :)