fe7e01e2cd63a9f8539d4d76ee837a00_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe7e01e2cd63a9f8539d4d76ee837a00_JaffaCakes118
Size

5.6MB
MD5

fe7e01e2cd63a9f8539d4d76ee837a00
SHA1

4e2bd91d8604e2faf80ebb92c41478e01402b5f2
SHA256

97015eba70d2b3ac7083402ffa9233150b481580bc4551f73ab7ade18a8092f1
SHA512

2a3b69c7d08098bebb69fe583f726c43b5db5d8cc65ced5ba74b62fd6e4696b8f4a0aa1a6bbccd1dd7234041f8ac655d10f65a5155c74d46b13f594884faf6e4
SSDEEP

98304:R3BsrSQ4Am12km6lAPG5Y3TJJN9uopM3hM/GLJT/susTWc/A006ROyowf4S+g:hPQcocAP0KlJNkopMxcGLJTsbWc4d6RT

Score

3^/10

Malware Config

Signatures

Unsigned PE 22 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TurboFTP/TurboFTP.exe
unpack001/TurboFTP/TurboLogViewer.exe
unpack001/TurboFTP/dzgt32.dll
unpack001/TurboFTP/lang/langarb.dll
unpack001/TurboFTP/lang/langb5.dll
unpack001/TurboFTP/lang/langdeu.dll
unpack001/TurboFTP/lang/langfr.dll
unpack001/TurboFTP/lang/langgb.dll
unpack001/TurboFTP/lang/langita.dll
unpack001/TurboFTP/lang/langkr.dll
unpack001/TurboFTP/lang/langnl.dll
unpack001/TurboFTP/lang/langptg.dll
unpack001/TurboFTP/lang/langruss.dll
unpack001/TurboFTP/lang/langspn.dll
unpack001/TurboFTP/lang/langswd.dll
unpack001/TurboFTP/libeay32.dll
unpack001/TurboFTP/sshm.dll
unpack001/TurboFTP/ssleay32.dll
unpack001/TurboFTP/tbsdkmd.dll
unpack001/TurboFTP/tbshex.dll
unpack001/TurboFTP/tbupwz.exe
unpack001/TurboFTP/tftpsvc.exe

Files

fe7e01e2cd63a9f8539d4d76ee837a00_JaffaCakes118
.rar
TurboFTP/History.txt
TurboFTP/Tips.tip
TurboFTP/TurboFTP.exe
.exe windows:4 windows x86 arch:x86

0539a31253f066f6315e4c0a3a3568dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
WideCharToMultiByte
IsBadReadPtr
GlobalAddAtomA
GlobalAddAtomW
GetModuleHandleA
GlobalFree
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalGetAtomNameW
FreeConsole
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
GetProcAddress
GetLastError
LoadLibraryA
SetLastError
SetThreadPriority
GetCurrentThread
SetEnvironmentVariableA
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
SetErrorMode
GetCurrentThreadId
FindClose
FindFirstFileW
VirtualQueryEx
GetExitCodeProcess
ReadProcessMemory
VirtualProtectEx
ContinueDebugEvent
ResumeThread
OutputDebugStringA
OutputDebugStringW
SetThreadContext
GetThreadContext
WaitForDebugEvent
WriteProcessMemory
UnmapViewOfFile
SuspendThread
DebugActiveProcess
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
SetEvent
CreateEventA
MultiByteToWideChar
CloseHandle
CreateProcessA
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
LocalFree
CompareStringW
CompareStringA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FormatMessageA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
Sleep
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameW
GetShortPathNameW
GetModuleFileNameA
CreateFileA
GetShortPathNameA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
DeleteCriticalSection
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetProcessHeap
GetCPInfo
LCMapStringA
LCMapStringW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
WriteFile
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
GetTimeZoneInformation

user32

LoadStringW
IsWindow
PostMessageA
GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
GetMessageA
BeginPaint
KillTimer
GetAsyncKeyState
GetSystemMetrics
SetTimer
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
EndPaint
FindWindowA
WaitForInputIdle
DestroyWindow
MessageBoxA
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcW
DefWindowProcA
LoadCursorA
RegisterClassW
CreateWindowExW
RegisterClassA
CreateWindowExA
GetWindowThreadProcessId
SendMessageW
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
EnumWindows
IsWindowUnicode
PackDDElParam
PostMessageW

gdi32

SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 76KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TurboFTP/TurboLogViewer.chm
.chm
TurboFTP/TurboLogViewer.exe
.exe windows:4 windows x86 arch:x86

fdcba7f28f93206cf4b52730b9a0e7ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\mysvnrepos\ftpexpressdev\FtpExpress\TurboLogViewer\TurboLogViewer\Release\TurboLogViewer.pdb

Imports

kernel32

GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
VirtualAlloc
HeapReAlloc
HeapFree
HeapAlloc
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetTickCount
GetCurrentDirectoryA
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FindResourceExA
GetOEMCP
GetCPInfo
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CreateEventA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
DeleteFileA
MoveFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
lstrcmpA
VirtualProtect
InterlockedDecrement
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
GlobalGetAtomNameA
GlobalAddAtomA
GetCurrentProcessId
GlobalFree
FormatMessageA
LocalFree
MulDiv
GetModuleFileNameA
CreateDirectoryA
CopyFileA
GetFileAttributesA
ExitProcess
FindCloseChangeNotification
WaitForSingleObject
QueryPerformanceCounter
GetStringTypeExA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetLastError
SetLastError
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetTimeZoneInformation
SizeofResource

user32

KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
SetCapture
FindWindowA
DrawIcon
SetWindowRgn
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
RegisterClipboardFormatA
ShowOwnedPopups
SetParent
DeleteMenu
IsRectEmpty
IsZoomed
MapDialogRect
GetAsyncKeyState
InflateRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoExA
RegisterClassA
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
CallWindowProcA
SetTimer
GetWindowPlacement
GetWindowRect
GetSystemMetrics
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
DestroyMenu
WinHelpA
SetFocus
EqualRect
GetDlgItem
GetDlgCtrlID
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsIconic
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
PostMessageA
SetMenu
GetDesktopWindow
AdjustWindowRectEx
SetWindowLongA
TranslateAcceleratorA
TranslateMDISysAccel
GetActiveWindow
DrawMenuBar
CreateWindowExA
DefMDIChildProcA
GetMenu
DefFrameProcA
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
FillRect
GetClientRect
SetMenuItemBitmaps
InvalidateRect
GetFocus
EnableWindow
LoadCursorA
IsWindow
SetForegroundWindow
UpdateWindow
ClientToScreen
LoadMenuA
InsertMenuItemA
GetSubMenu
MessageBoxA
CharUpperA
GetWindowTextA
GetClassLongA
GetParent
DestroyIcon
UnregisterClassA
GetSysColorBrush
PostQuitMessage
GetMenuItemInfoA
GetClassNameA
SetWindowPos
SetRect
GetMessageA
TranslateMessage
GetCursorPos
SystemParametersInfoA
ValidateRect
LoadIconA
DefWindowProcA
SendMessageA
GetTabbedTextExtentA
GetDC
ReleaseDC
IsWindowVisible
ShowScrollBar
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
DestroyCaret
DestroyCursor
CreateCaret
SetCursor
GetCursor
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetKeyState
GetWindow
ScreenToClient
RedrawWindow
BringWindowToTop
GetSysColor
DrawEdge
GetWindowDC
TrackPopupMenu
GetSystemMenu
GetTopWindow
ShowWindow

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateSolidBrush
SetRectRgn
Escape
PatBlt
DPtoLP
GetTextMetricsA
GetTextExtentPoint32A
GetCharWidthA
StretchDIBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
EnumFontFamiliesExA
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceA
GetWindowOrgEx
ExtTextOutA
TextOutA
RectVisible
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
CombineRgn
CreateCompatibleBitmap
SetTextAlign
IntersectClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateDCA
SetPixel
ExcludeClipRect
CreatePen
MoveToEx
LineTo
DeleteObject
RoundRect
GetTextColor
GetBkColor
GetDeviceCaps
CreateRectRgnIndirect
CreateFontA
CreateFontIndirectA
GetStockObject
Rectangle
SelectObject
GetCurrentObject
BitBlt
CreateCompatibleDC
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

GetJobA
ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

GetFileSecurityA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
SetFileSecurityA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

ole32

OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARDATA
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TurboFTP/addrbk.dat
TurboFTP/colors.ini
TurboFTP/colors.ini.default
TurboFTP/dzgt32.dll
.dll windows:4 windows x86 arch:x86

8962670a82083336ca0a3d2f50c8183d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
TlsFree
IsBadReadPtr
TlsGetValue
lstrlenA
CloseHandle
CreateFileA
lstrcatA
lstrcpyA
IsDBCSLeadByte
lstrcpynA
lstrcmpA
DeleteFileA
ReadFile
SetFileAttributesA
GetFileAttributesA
lstrcmpiA
FindClose
FileTimeToLocalFileTime
FindFirstFileA
WriteFile
IsBadStringPtrA
SetFilePointer
GetWindowsDirectoryA
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GlobalReAlloc
GlobalLock
SetEndOfFile
GetFileTime
MoveFileA
GetCurrentThreadId
GetLastError
CreateDirectoryA
GetFileSize
SetFileTime
GlobalSize
FlushFileBuffers
FindNextFileA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetLocalTime
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetSystemTime
GetCurrentDirectoryA
TlsSetValue
ExitProcess
TerminateProcess
GetCurrentProcess
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
GetCurrentProcessId

user32

GetActiveWindow
DialogBoxParamA
EndDialog
SetForegroundWindow
SetWindowTextA
SetDlgItemTextA
ReleaseDC
GetDC
CharUpperBuffA
TranslateMessage
DispatchMessageA
PeekMessageA
CharLowerA
CharPrevA
CharToOemA
LoadCursorA
SetCursor
CharNextA
CharUpperA
wsprintfA
MessageBoxA

gdi32

SetBkMode
GetBkColor
GetStockObject
SetBkColor

comdlg32

GetSaveFileNameA

Exports

Exports

gt
ugt

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/eula.txt
TurboFTP/lang/langarb.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langb5.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langdeu.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langfr.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langgb.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langita.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langkr.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langnl.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langptg.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langruss.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langspn.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/lang/langswd.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/libeay32.dll
.dll windows:4 windows x86 arch:x86

eafa7bd06242e11e236174fb61216a60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

msvcr80

strncpy
free
malloc
_errno
isxdigit
isdigit
fprintf
__iob_func
strstr
fputs
fclose
_gmtime64
fread
fwrite
fflush
fopen
_setmode
ftell
feof
fseek
fgets
atoi
perror
qsort
strcmp
strchr
strerror
_chmod
isspace
memmove
strncmp
strtoul
strrchr
tolower
getenv
_stat64i32
isupper
sscanf
exit
strtol
signal
printf
_exit
wcsstr
_vsnprintf
vfprintf
abort
realloc
memchr
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
memset
memcpy
_time64
_localtime64
sprintf
_read
_write
_fileno
_getch
_getpid
ferror
isalnum

kernel32

InterlockedExchange
GetVersionExA
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
Sleep
GetSystemTimeAsFileTime
GetFileType
GetVersion
CreateToolhelp32Snapshot
Module32First
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
FindNextFileA
FindClose
FindFirstFileA
FreeLibrary
LoadLibraryA
GetTickCount
SetLastError
Module32Next
CloseHandle
GetCurrentThreadId
GetStdHandle
FlushConsoleInputBuffer
GetThreadTimes
GetCurrentThread
GetModuleHandleA
GetProcAddress
ExitProcess
GetLastError

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number
CONF_get_section
CONF_get_string
CONF_imodule_get_flags

Sections

.text
Size: 512KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fipstx
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fipsrd
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fipsda
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/readme.txt
TurboFTP/sshm.dll
.dll windows:4 windows x86 arch:x86

bbbb5be4ae12744b355a422c8bf28f6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

socket
htons
connect
WSAGetLastError
inet_ntoa
select
WSASetLastError
ioctlsocket
gethostbyname
shutdown
closesocket
send
recv

libeay32

ord3155
ord3224
ord2644
ord3222
ord2927
ord329
ord328
ord327
ord326
ord325
ord321
ord320
ord319
ord318
ord986
ord985
ord984
ord983
ord297
ord296
ord295
ord294
ord306
ord305
ord304
ord303
ord311
ord310
ord309
ord308
ord307
ord302
ord301
ord300
ord299
ord215
ord489
ord227
ord962
ord256
ord2291
ord266
ord265
ord961
ord267
ord269
ord268
ord333
ord264
ord323
ord3225
ord125
ord314
ord2399
ord3841
ord258
ord3874
ord340
ord342
ord341
ord3819
ord3889
ord124
ord134
ord151
ord203
ord123
ord117
ord3844
ord3315
ord464
ord155
ord208
ord205
ord202
ord118
ord201
ord206
ord150
ord129
ord209
ord484
ord213
ord486
ord1001
ord120
ord497
ord110
ord126
ord163
ord2862
ord111
ord1334
ord1335
ord1336
ord1333
ord1252
ord495
ord223
ord316
ord363
ord498
ord3212
ord224
ord254
ord2604
ord298
ord3221
ord2996
ord3223
ord2720
ord3220
ord161
ord166

ssleay32

ord74

ws2_32

WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent

msvcrt

fgets
_wfopen
fread
ftell
fseek
strerror
_errno
_iob
fopen
sscanf
_pctype
__mb_cur_max
_isctype
strchr
strncmp
sprintf
malloc
atoi
_wopen
strstr
fprintf
strncat
tolower
strtok
fwrite
_vsnprintf
strftime
localtime
time
strncpy
fflush
_snprintf
gmtime
free
calloc
_ftol
realloc
memmove
printf
_initterm
_adjust_fdiv
_close
_fstat
_strnicmp
_strdup
fclose

kernel32

FormatMessageW
InterlockedIncrement
GetLastError
EnterCriticalSection
WaitForMultipleObjects
MultiByteToWideChar
FindClose
GetTickCount
GetFileSize
ReadFile
CreateFileW
CloseHandle
WaitForSingleObject
WriteFile
SetFilePointer
LeaveCriticalSection
WideCharToMultiByte

Exports

Exports

SSH_free
SSH_new
add_authenmethod
clear_authenmethod
do_attrs_free
do_get_lastname
do_sftp_get_file
do_sftp_get_listing
do_sftp_init
do_sftp_last_attrs
do_sftp_link
do_sftp_ls_dir
do_sftp_lstat
do_sftp_mkdir
do_sftp_opendir
do_sftp_put_file
do_sftp_readlink
do_sftp_realpath
do_sftp_remove
do_sftp_rename
do_sftp_rmdir
do_sftp_setstat
do_sftp_stat
do_sftp_symlink
do_ssh_ignore
get_kr_pass
set_debuglevel
set_events
set_hostname
set_hostport
set_kr_file
set_kr_pass
set_ku_file
set_log
set_password
set_proxyhostname
set_proxypassword
set_proxyport
set_proxytype
set_proxyusername
set_sftp_info_callback
set_timeout
set_username
ssh_close
ssh_connect
ssh_deinitlib
ssh_disconnect
ssh_initlib
ssh_last_err
ssh_last_errstr
ssh_setabort
ssh_state_string
test_load_privatekey
test_load_publickey

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/ssleay32.dll
.dll windows:4 windows x86 arch:x86

76d10b3e71ff7bf62ad94a2f8568dcee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord269
ord3109
ord2630
ord910
ord2411
ord754
ord490
ord222
ord3873
ord168
ord169
ord85
ord52
ord167
ord2201
ord289
ord493
ord911
ord464
ord3836
ord3245
ord354
ord2936
ord3244
ord3844
ord323
ord3067
ord2894
ord961
ord3874
ord3841
ord89
ord109
ord3879
ord202
ord3239
ord866
ord110
ord3422
ord2929
ord3644
ord3570
ord2578
ord111
ord3010
ord3480
ord2924
ord3459
ord3512
ord3608
ord3575
ord3663
ord123
ord201
ord118
ord3666
ord219
ord498
ord285
ord635
ord912
ord909
ord3724
ord313
ord495
ord3883
ord120
ord151
ord3178
ord3695
ord3550
ord3418
ord203
ord128
ord31
ord830
ord727
ord2760
ord282
ord572
ord3719
ord216
ord206
ord497
ord3682
ord2877
ord3711
ord205
ord486
ord484
ord763
ord577
ord907
ord87
ord481
ord3729
ord333
ord2915
ord256
ord1096
ord1097
ord3816
ord3888
ord3896
ord2589
ord1145
ord1144
ord1081
ord2292
ord3823
ord3846
ord622
ord627
ord657
ord653
ord623
ord3283
ord2784
ord188
ord964
ord2572
ord3288
ord2747
ord3704
ord3758
ord3767
ord3647
ord3766
ord3365
ord3857
ord3460
ord3454
ord3754
ord3394
ord187
ord897
ord3414
ord3495
ord67
ord65
ord53
ord78
ord98
ord3826
ord3559
ord3399
ord636
ord914
ord626
ord890
ord1004
ord3527
ord364
ord1010
ord2051
ord58
ord66
ord630
ord628
ord1041
ord1007
ord1005
ord1027
ord3378
ord3437
ord316
ord629
ord892
ord74
ord3866
ord248
ord1655
ord575
ord1025
ord246
ord1100
ord679
ord2524
ord3595
ord1023
ord3505
ord401
ord93
ord3396
ord3657
ord887
ord889
ord891
ord315
ord1147
ord189
ord314
ord956
ord280
ord2181
ord399
ord748
ord279
ord283
ord400
ord751
ord750
ord774
ord3205
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3623
ord32
ord718
ord7
ord716
ord703
ord680
ord86
ord88
ord1101
ord293
ord322
ord2996
ord3155
ord2927
ord325
ord329
ord318
ord304
ord292
ord299
ord955
ord2252
ord91
ord247
ord225
ord181
ord654
ord290
ord281
ord2821
ord641
ord176
ord857
ord2206
ord252
ord903
ord1654
ord1653
ord904
ord901
ord965
ord905

msvcr80

__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
_errno
__iob_func
fprintf
strncmp
memmove
memset
memcpy
_time64
_adjust_fdiv

kernel32

GetLastError
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_cmp
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_hash
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/tbsdkmd.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 292KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 20KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 880KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TurboFTP/tbshex.dll
.dll regsvr32 windows:4 windows x86 arch:x86

31e234a20a4d8421bd4642210f7a922a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

DragQueryFileW

kernel32

GlobalLock
GetModuleFileNameW
GetModuleHandleW
CreateFileMappingW
lstrcpynA
WideCharToMultiByte
lstrlenW
lstrcpynW
CreateProcessW
DisableThreadLibraryCalls
GetShortPathNameW
FreeLibrary
MultiByteToWideChar
lstrlenA
SizeofResource
LoadResource
FindResourceW
GlobalUnlock
lstrcmpiW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
LoadLibraryW
lstrcpyW
lstrcatW
InterlockedIncrement
InterlockedDecrement
GetTempPathW
OpenFileMappingW
MapViewOfFile
GetLastError
UnmapViewOfFile
OpenSemaphoreW
ReleaseSemaphore
CloseHandle
LoadLibraryExW
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
IsBadReadPtr
GetCPInfo
LCMapStringW
Sleep
InterlockedExchange
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
RaiseException
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
LCMapStringA
IsBadCodePtr

user32

LoadStringW
InsertMenuW
CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegEnumValueW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
ReleaseStgMedium

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TurboFTP/tbupwz.exe
.exe windows:4 windows x86 arch:x86

042f6f77b0abc2ec1165b7a81f117537

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\mysvnrepos\ftpexpressdev\FtpExpress\UploadWizards\ReleaseU\tbupwz.pdb

Imports

kernel32

TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
SetErrorMode
FindResourceExW
GetTickCount
HeapAlloc
GetStartupInfoW
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
ExitProcess
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GlobalHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GlobalReAlloc
TlsGetValue
GlobalFlags
GetVersionExW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
VirtualProtect
GetModuleHandleA
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameW
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FindNextFileW
lstrcmpA
GetFileTime
GetFileSize
GetFileAttributesW
CreateFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetUserDefaultLCID
GlobalAlloc
MulDiv
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
QueryPerformanceCounter
WideCharToMultiByte
Sleep
InterlockedDecrement
GetProcessHeap
HeapFree
lstrlenA
MultiByteToWideChar
GetLogicalDriveStringsW
lstrlenW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetCurrentDirectoryW
CreateDirectoryW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
lstrcpyW
FormatMessageW
LocalFree
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceW
LoadResource
LockResource
SetHandleCount
SizeofResource

user32

UnregisterClassW
RegisterClipboardFormatW
PostThreadMessageW
CharUpperW
GetAsyncKeyState
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetNextDlgGroupItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
PostMessageW
EnableWindow
UnregisterClassA
SendMessageW
IsWindow
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
CopyRect
PtInRect
SetCapture
LoadCursorW
GetSysColorBrush
MessageBeep
DrawIcon
AppendMenuW
GetSystemMenu
IsIconic
GetClientRect
LoadIconW
GetSystemMetrics
GetCursorPos
CreatePopupMenu
SetTimer
KillTimer
LoadImageW
DestroyIcon
GetWindowRect
MessageBoxW
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongW
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongW
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
LoadBitmapW

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
EnumFontFamiliesExW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutW
CreateBitmap
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
PtVisible

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
RegCreateKeyExW

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
OleRun
CoInitializeEx
CoUninitialize
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
OleCreateFontIndirect
GetErrorInfo
SysAllocStringLen

Sections

.text
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TurboFTP/tftpsvc.exe
.exe windows:4 windows x86 arch:x86

102f1b159571b673699043a8524561fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CloseHandle
CreateThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetTickCount
WideCharToMultiByte
IsBadReadPtr
GlobalAddAtomA
GlobalAddAtomW
GlobalFree
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalGetAtomNameW
FreeConsole
GetEnvironmentVariableA
VirtualProtect
VirtualAlloc
GetProcAddress
GetLastError
LoadLibraryA
SetLastError
SetThreadPriority
GetCurrentThread
SetEnvironmentVariableA
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
SetErrorMode
GetCurrentThreadId
FindClose
FindFirstFileW
VirtualQueryEx
GetExitCodeProcess
ReadProcessMemory
VirtualProtectEx
ContinueDebugEvent
ResumeThread
OutputDebugStringA
OutputDebugStringW
SetThreadContext
GetThreadContext
WaitForDebugEvent
WriteProcessMemory
UnmapViewOfFile
SuspendThread
DebugActiveProcess
MapViewOfFile
DuplicateHandle
GetCurrentProcess
CreateFileMappingA
SetEvent
CreateEventA
MultiByteToWideChar
EnterCriticalSection
CreateFileA
CreateProcessA
GetStartupInfoA
GetSystemTimeAsFileTime
ExitProcess
LocalFree
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
FormatMessageA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
LeaveCriticalSection
GetVersionExA
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameW
GetShortPathNameW
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
DeleteCriticalSection
RtlUnwind
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetProcessHeap
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
WriteFile
GetStdHandle
GetTimeZoneInformation

user32

LoadStringW
IsWindow
PostMessageA
GetDesktopWindow
MoveWindow
SetPropA
EnumThreadWindows
GetPropA
GetMessageA
BeginPaint
KillTimer
GetAsyncKeyState
GetSystemMetrics
SetTimer
SetWindowTextA
GetDlgItem
CreateDialogIndirectParamA
ShowWindow
UpdateWindow
LoadStringA
EndPaint
FindWindowA
WaitForInputIdle
DestroyWindow
MessageBoxA
InSendMessage
UnpackDDElParam
FreeDDElParam
DefWindowProcW
DefWindowProcA
LoadCursorA
RegisterClassW
CreateWindowExW
RegisterClassA
CreateWindowExA
GetWindowThreadProcessId
SendMessageW
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
EnumWindows
IsWindowUnicode
PackDDElParam
PostMessageW

gdi32

SelectObject
BitBlt
DeleteObject
CreatePalette
CreateDCA
SelectPalette
RealizePalette
CreateDIBitmap
DeleteDC
CreateCompatibleDC

Sections

.text
Size: - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 380KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 76KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 856KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TurboFTP/turboftp.chm
.chm
TurboFTP/注册码.txt

Sharing

General

Malware Config

Signatures

Files

0539a31253f066f6315e4c0a3a3568dd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 236KB

.data Size: - Virtual size: 135KB

.text1 Size: 384KB - Virtual size: 384KB

.adata Size: 52KB - Virtual size: 64KB

.data1 Size: 76KB - Virtual size: 192KB

.pdata Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 392KB - Virtual size: 392KB

fdcba7f28f93206cf4b52730b9a0e7ae

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 12KB - Virtual size: 25KB

SHARDATA Size: 4KB - Virtual size: 4B

.rsrc Size: 60KB - Virtual size: 58KB

8962670a82083336ca0a3d2f50c8183d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 24KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 6KB

Headers

File Characteristics

Sections

.rsrc Size: 176KB - Virtual size: 175KB

.reloc Size: 4KB - Virtual size: 12B

Headers

File Characteristics

Sections

.rsrc Size: 128KB - Virtual size: 127KB

.reloc Size: 4KB - Virtual size: 12B

Headers

File Characteristics

Sections

.rsrc Size: 208KB - Virtual size: 205KB

.reloc Size: 4KB - Virtual size: 12B

Headers

File Characteristics

Sections

.rsrc Size: 212KB - Virtual size: 209KB

.reloc Size: 4KB - Virtual size: 12B

Headers

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 236KB

.data
Size: - Virtual size: 135KB

.text1
Size: 384KB - Virtual size: 384KB

.adata
Size: 52KB - Virtual size: 64KB

.data1
Size: 76KB - Virtual size: 192KB

.pdata
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 392KB - Virtual size: 392KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 12KB - Virtual size: 25KB

SHARDATA
Size: 4KB - Virtual size: 4B

.rsrc
Size: 60KB - Virtual size: 58KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 176KB - Virtual size: 175KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 128KB - Virtual size: 127KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 208KB - Virtual size: 205KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 212KB - Virtual size: 209KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 128KB - Virtual size: 127KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 204KB - Virtual size: 201KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 152KB - Virtual size: 149KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 192KB - Virtual size: 191KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 192KB - Virtual size: 190KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 184KB - Virtual size: 183KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 204KB - Virtual size: 203KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 192KB - Virtual size: 191KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 512KB - Virtual size: 509KB

fipstx
Size: 156KB - Virtual size: 153KB

.rdata
Size: 232KB - Virtual size: 231KB

.data
Size: 56KB - Virtual size: 68KB

fipsrd
Size: 20KB - Virtual size: 18KB

fipsda
Size: 4KB - Virtual size: 2KB