14c3e964433aefa48be180c18b2c79810b3d789dcfb08b547af4c6bafafc0329

Sharing

Copy URL

Twitter E-mail

General

Target

14c3e964433aefa48be180c18b2c79810b3d789dcfb08b547af4c6bafafc0329
Size

212KB
MD5

61040379bfa549cbd87b162e8d1aa2c8
SHA1

f6e3d5a6cfb809bb8e523530363d93f8c7b4d356
SHA256

14c3e964433aefa48be180c18b2c79810b3d789dcfb08b547af4c6bafafc0329
SHA512

cdb2d586737f978dff7bd8f4d4c854b85adf55fdfda855d460a2682112facb5c4b3c28321ba8e8950895ae0359045c8560c05dafcb9c8593b6ee5e4c3079beb6
SSDEEP

6144:s2GiWgboJfqE0e/8XUZiaR9re8l9+/BHUzVSd5:suyV0e0XUZtLM5HUzq

Score

N/A

Malware Config

Signatures

Files

14c3e964433aefa48be180c18b2c79810b3d789dcfb08b547af4c6bafafc0329
.exe windows x86

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentProcess
IsBadReadPtr
GetEnvironmentStringsW
GetPrivateProfileStringW
lstrcmpW
ReleaseSemaphore
GetQueuedCompletionStatus
SetEvent
GetFullPathNameW
SetEndOfFile
CloseHandle
InterlockedExchange
IsBadWritePtr
HeapFree
GetProcessHeap
MultiByteToWideChar
lstrcmpiW
WaitForMultipleObjects
ResetEvent
GetDiskFreeSpaceW
GetACP
GetCurrentProcessId
GetFileSize
lstrlenW
HeapAlloc
GlobalFree
GetModuleFileNameA
GetVersionExW
lstrcpyW
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
GetSystemTimeAsFileTime
GetProfileIntA
GetSystemInfo
SetFilePointer
GetThreadPriority
QueryPerformanceCounter
GetFileAttributesW
GetLastError
FreeLibrary
GlobalHandle
CreateEventW
InterlockedDecrement
ReadFile
WaitForSingleObject
SetUnhandledExceptionFilter
VirtualFree
CreateFileW
LeaveCriticalSection
MulDiv
CreateSemaphoreW
lstrcpynW
WideCharToMultiByte
CreateThread
EnterCriticalSection
GlobalLock
WriteFile
lstrcpyA
LoadLibraryW
GlobalMemoryStatus
InterlockedIncrement
IsBadCodePtr
GetTickCount
GlobalUnlock
SetThreadPriority

user32

SetCursor
SendMessageW
LoadStringW
GetDlgItem
DestroyWindow
GetDesktopWindow
LoadCursorW
MoveWindow
SetDlgItemInt
GetAsyncKeyState
GetDC
TranslateMessage
IsRectEmpty
CheckRadioButton
ShowWindow
SetWindowLongW
IsWindow
CheckDlgButton
GetClientRect
GetWindowLongW
EnableWindow
DispatchMessageW
InvalidateRect
GetDlgItemInt
GetWindowRect
DefWindowProcW
IsWindowVisible
ClientToScreen
SetDlgItemTextW
PeekMessageW
ReleaseDC
CreateDialogParamW

netshell

StartNCW
NcIsValidConnectionName
DllGetClassObject

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d49ea5a582015b08a74b1ff0475064b1

Headers

File Characteristics

Imports

kernel32

user32

netshell

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 43KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 43KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB