a5f932e63cfdf819d2d229decc22eed4719e8283b268e41a56a5270dd39f4386

Sharing

Copy URL

Twitter E-mail

General

Target

a5f932e63cfdf819d2d229decc22eed4719e8283b268e41a56a5270dd39f4386
Size

148KB
MD5

4e56514dc7045d0a7d64a220284318a0
SHA1

b980a385feb709e148706a618f98fa4fa5d3f7db
SHA256

a5f932e63cfdf819d2d229decc22eed4719e8283b268e41a56a5270dd39f4386
SHA512

160c7a01d955391d37190929c016801a6b1cfdcff9ae65d9480c3c40cb8933ec3d04e5c37505fa27c98daa1df8735db1053c7a97b2588164b9ca0b45bc86106e
SSDEEP

3072:O5J4P+mMSSjCZ8s6l+so4FsgdPKZpYS3iKwgdc:8J4P+QNwsgeawNwgd

Score

N/A

Malware Config

Signatures

Files

a5f932e63cfdf819d2d229decc22eed4719e8283b268e41a56a5270dd39f4386
.dll windows x86

11d23dcd05e15ac14fda1631a637a07c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
LocalFree
GetCurrentProcess
CloseHandle
CreateDirectoryA
OpenEventA
ExitProcess
CreateProcessA
MapViewOfFile
UnmapViewOfFile
InterlockedIncrement
GetComputerNameA
GetVolumeInformationA
HeapAlloc
LeaveCriticalSection
GetModuleFileNameA
HeapFree
CopyFileA
GetProcAddress
WriteProcessMemory
EnterCriticalSection
CreateMutexW
InterlockedDecrement
GetTickCount
GlobalFree
CreateEventA
GetProcessHeap
GetCommandLineA
InterlockedCompareExchange
LoadLibraryA
GetLastError
ReadProcessMemory
WriteFile
CreateFileA
OpenFileMappingA
GlobalAlloc
Sleep
CreateFileMappingA
SetLastError
GetModuleHandleA
TerminateProcess

ole32

CoSetProxyBlanket
OleSetContainedObject
OleCreate
CoCreateInstance
CoUninitialize
CoCreateGuid
CoInitialize
CoTaskMemAlloc

user32

SendMessageA
GetWindowLongA
SetWindowsHookExA
GetClassNameA
SetWindowLongA
DestroyWindow
GetCursorPos
DispatchMessageA
GetMessageA
GetSystemMetrics
PostQuitMessage
GetParent
PeekMessageA
UnhookWindowsHookEx
DefWindowProcA
KillTimer
ClientToScreen
ScreenToClient
GetWindow
TranslateMessage
RegisterWindowMessageA
FindWindowA
CreateWindowExA
SetTimer
GetWindowThreadProcessId

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringLen

shlwapi

StrStrIW
UrlUnescapeW

advapi32

GetUserNameA
RegOpenKeyExA
RegCreateKeyExA
DuplicateTokenEx
RegDeleteKeyA
RegCloseKey
SetTokenInformation
RegQueryValueExA
OpenProcessToken
RegSetValueExA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

lanapivga

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11d23dcd05e15ac14fda1631a637a07c

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 976B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 976B

.reloc
Size: 8KB - Virtual size: 6KB