[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

happy99.exe

To: "Scirocco List (E-mail)" <scirocco-l@scirocco.org>
Subject: happy99.exe
From: "Bradley Peet" <btpeet@effervescent.com>
Date: Sat, 27 Mar 1999 12:49:22 -0800
Disposition-Notification-To: "Bradley Peet" <btpeet@effervescent.com>
Importance: Normal
Sender: Majordomo <majord@neubayern.net>

WTF?  Anyone out there dumb enough to run this on YOUR computer?  (Tell us
if you did!)  Let's see, we have file read/write operations, Windows
registry key creation, and all kinds of other neat little things this
program could do to your PC.

Dump of file happy99.exe

File Type: EXECUTABLE IMAGE

  Section contains the following imports:

    KERNEL32.dll
                430064 Import Address Table
                     0 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   0  WriteFile
                   0  UnmapViewOfFile
                   0  GetWindowsDirectoryA
                   0  GetModuleHandleA
                   0  CopyFileA
                   0  GetProcAddress
                   0  ExitProcess
                   0  GetFileSize
                   0  GetModuleFileNameA
                   0  LocalAlloc
                   0  CreateFileMappingA
                   0  GetVersionExA
                   0  GetSystemDirectoryA
                   0  CreateFileA
                   0  CloseHandle
                   0  LocalFree
                   0  MapViewOfFile
                   0  ReadFile

    ADVAPI32.dll
                4300B0 Import Address Table
                     0 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   0  RegSetValueExA
                   0  RegCreateKeyExA
                   0  RegCloseKey

    USER32.dll
                4300C0 Import Address Table
                     0 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   0  ReleaseDC
                   0  RegisterClassA
                   0  PostQuitMessage
                   0  PeekMessageA
                   0  GetDC
                   0  DispatchMessageA
                   0  DefWindowProcA
                   0  CreateWindowExA
                   0  ShowWindow
                   0  UpdateWindow
                   0  TranslateMessage

    GDI32.dll
                4300F0 Import Address Table
                     0 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                   0  SetPixelV


--
To unsubscribe, send "unsubscribe scirocco-l" to majordomo@scirocco.org.
If you experience other problems, email: scirocco-l-probs@scirocco.org

Prev by Date: Re: 2.0liter Scirocco's from the factory... in 89???? in US????
Next by Date: [non-scirocco] Server and webpage up!
Prev by thread: BE CAREFUL - HAPPY99 WORM VIRUS !! was .Re: 2.0liter Scirocco's from the factory... in 89???? in US????
Next by thread: Re: happy99.exe
Index(es):
- Date
- Thread