808d642bc1fa9aa7629e2e30a950f5f62ceba25d34a9347f66a6cdd6706e1be1

General

Target

808d642bc1fa9aa7629e2e30a950f5f62ceba25d34a9347f66a6cdd6706e1be1
Size

49KB
MD5

cac55f3b81c928f6bbaa53d46abc34be
SHA1

1b4852b205e6c8fef0021568954dd8315b1fbf1f
SHA256

808d642bc1fa9aa7629e2e30a950f5f62ceba25d34a9347f66a6cdd6706e1be1
SHA512

8b82c524e68de55a2f106427990a5b04c7b7ecf3671b907910dfee538dbc992e6d30c04da8fccb964efb028fb49cf8ef2a772df85c660de5839b5da3dc80b6ef
SSDEEP

768:ios1O+3bQ9CNaDItulvQp/Loye7cXbSQdOh1Fe3FL1C6XIgnSXEgQ:Lm1taDAulv6E77cuJ3Ct1VXfSUgQ

Score

N/A

Malware Config

Signatures

Files

808d642bc1fa9aa7629e2e30a950f5f62ceba25d34a9347f66a6cdd6706e1be1
.dll windows x86

27028f9c5b0d6b7e7a2324eb5bc3f485

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

polspsrv

DoEnvironmentSubstA
wcsncat
cos
Options_RunDLL
ImmSendIMEMessageExA
vDbgPrintEx
ImmCallImeConsoleIME
DAD_ShowDragImage
iscntrl
DllGetVersion
ExtractIconA
ImmAssociateContext
memcpy
DuplicateIcon
wcslen
CtfImmLastEnabledWndDestroy
ILFindLastID
iswctype
ImmUnregisterWordA
strchr
DAD_SetDragImage
strcmp
towlower

kernel32

SetFilePointer
HeapFree
GetFileAttributesExA
GetCurrentDirectoryA
CreateNamedPipeA
SleepEx
GetSystemTimeAdjustment
IsProcessorFeaturePresent
OpenThread
GetFileTime
SetFirmwareEnvironmentVariableA
CreateFileMappingA
FileTimeToSystemTime
InterlockedFlushSList
CreateFileA
WaitForMultipleObjects
MapViewOfFileEx
VirtualQuery
UnmapViewOfFile
GetThreadIOPendingFlag
CreateEventA
GetSystemTime
ExitProcess
GetNamedPipeHandleStateA
ReadFile
MapViewOfFile
HeapAlloc

Exports

Exports

CreateProcessNotify
extrxext

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27028f9c5b0d6b7e7a2324eb5bc3f485

Headers

File Characteristics

Imports

polspsrv

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB