14b2034107cba13dfbdd586b852f46462ab65e9c41ba9d5db7d38d51c7bc7c6a

Sharing

Copy URL

Twitter E-mail

General

Target

14b2034107cba13dfbdd586b852f46462ab65e9c41ba9d5db7d38d51c7bc7c6a
Size

18KB
MD5

6346efcb4e585e0cb96ae18ebcd62b60
SHA1

a18baf25d3579e5d3c5edbbfd0753c1ccfad84e3
SHA256

14b2034107cba13dfbdd586b852f46462ab65e9c41ba9d5db7d38d51c7bc7c6a
SHA512

04feb66fca3352c7fae2292f937e6f2962a4dbb2a2a14c736405a971ea83393b538b29c03d9fc0819bcbfe7b07f1a373fadc92b4d1c0d6809a19cff3e9187206
SSDEEP

384:p+QY43+pPOogbfYepcQWk3UbSaabct+owI3f:py43+pzgjYIcQWsGqs+tef

Score

N/A

Malware Config

Signatures

Files

14b2034107cba13dfbdd586b852f46462ab65e9c41ba9d5db7d38d51c7bc7c6a
.dll windows x86

d970b5c71c4dbd6b3ec66a8015a8a86d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
FindFirstFileA
FindNextFileA
FreeLibrary
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetSystemDirectoryA
GetVolumeInformationA
HeapAlloc
HeapFree
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
MoveFileA
OpenFileMappingA
RemoveDirectoryA
ResetEvent
SearchPathA
SetEvent
SetFilePointer
Sleep
SleepEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpW
lstrcpyA

user32

CreateDialogParamW
CreateWindowExW
DefWindowProcW
ExitWindowsEx
FindWindowW
GetAsyncKeyState
GetClassInfoExW
GetCursorPos
GetDlgItem
IsDialogMessageW
IsWindowVisible
KillTimer
RegisterClassExW
SendMessageA
SetLayeredWindowAttributes
SetTimer
SetWindowLongA
SetWindowTextW
ShowWindow
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA

wininet

FtpCreateDirectoryA
FtpPutFileA
FtpSetCurrentDirectoryA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable

wintrust

WinVerifyTrust

shell32

SHGetFolderPathA
ShellExecuteExA
StrRChrA

ntdll

RtlAdjustPrivilege

Exports

Exports

AddProcessExclusion
GetChangeRect
GetChangedWindowList
IsTitleBarButtonPressed
RemoveProcessExclusion
SetButtonXOffset
SetSingleWindow
ShowTitleBarButton
StartHooks
StopHooks

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

d970b5c71c4dbd6b3ec66a8015a8a86d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

wintrust

shell32

ntdll

Exports

Exports

Sections

.data Size: 1KB - Virtual size: 1KB

.code Size: 15KB - Virtual size: 14KB

.reloc Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.code
Size: 15KB - Virtual size: 14KB

.reloc
Size: 1KB - Virtual size: 1KB