3f750d2db1d418bc60858168ff421a35fdb5f92cc6e2252ef61156b4e69ba5cf

General

Target

3f750d2db1d418bc60858168ff421a35fdb5f92cc6e2252ef61156b4e69ba5cf
Size

48KB
MD5

63a7add04a332fc54e0810cb6d8c2a70
SHA1

7d34fe229ca6a5639cf6e22677d355e5cc619d35
SHA256

3f750d2db1d418bc60858168ff421a35fdb5f92cc6e2252ef61156b4e69ba5cf
SHA512

0e0ea4c7020e35c091522205f9519a11096b79f118742ec3d4f3e4a3756be96b66db632965e3ec5a338ae80888c4cea72d81cfe5b00a34092d9a72bdd272a758
SSDEEP

768:fXsebh/A74viodRAPYlRF10IY6KT77vuMPnkhBYC2ATpE7Cx5XkEFmA:f8el4EioLAAl/10IWH7vuMP8atATcCxT

Score

N/A

Malware Config

Signatures

Files

3f750d2db1d418bc60858168ff421a35fdb5f92cc6e2252ef61156b4e69ba5cf
.dll windows x86

270dc5d5a777c4fe2c25a727637992cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ipsesdmo

PifMgr_GetProperties
ImmSetCompositionWindow
ExtractIconA
ImmGetOpenStatus
ImmSetCandidateWindow
SdbReadQWORDTagRef
RealShellExecuteExA
SdbReadQWORDTag
ImmUnlockImeDpi
ImmDestroyContext
FindExecutableA
ImmLockIMC
SdbFindFirstTag
SdbReleaseDatabase
DriveType
ILGetSize
SdbReadMsiTransformInfo
ILFindLastID
PathIsExe
ImmSetActiveContextConsoleIME
ImmWINNLSEnableIME
GetFileNameFromBrowse
SdbReadStringTag
ILSaveToStream
PrintersGetCommand_RunDLL
PathQualify
SdbReadBinaryTag
ImmPutImeMenuItemsIntoMappedFile
SdbReadDWORDTag
Activate_RunDLL
DragQueryFileA
SdbQueryData
RegenerateUserEnvironment
CtfImmEnterCoInitCountSkipMode
SdbUnregisterDatabase
ImmGetIMCCLockCount
DllInstall
DAD_DragMove
ImmLoadIME

kernel32

WaitForMultipleObjects
HeapReAlloc
WriteFile
SetFilePointer
RtlZeroMemory
UnmapViewOfFile
LocalAlloc
GetFileTime
ReadFile
GetCurrentProcess
GetProcessHeaps
DosDateTimeToFileTime
FreeEnvironmentStringsA
OpenThread
GetEnvironmentStringsA
CreateFileA
CreateFileMappingA
HeapFree
ConnectNamedPipe
SetThreadIdealProcessor
LocalReAlloc
GetSystemInfo
MapViewOfFile
FileTimeToSystemTime
VirtualQueryEx
HeapAlloc
ReadFileEx
lstrcmpiA
GetModuleHandleA
GetThreadIOPendingFlag

Exports

Exports

CreateProcessNotify
HPZipubw

Sections

.text
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

270dc5d5a777c4fe2c25a727637992cd

Headers

File Characteristics

Imports

ipsesdmo

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB