8123ed3e214fed631bdca0157577c8afd6853eb017ca6e56166beff77817fd28

General

Target

8123ed3e214fed631bdca0157577c8afd6853eb017ca6e56166beff77817fd28
Size

52KB
MD5

899b002d5046a6d2f3ec15b438a870da
SHA1

c5955f743f6e53cd4c5af24764ba797758760829
SHA256

8123ed3e214fed631bdca0157577c8afd6853eb017ca6e56166beff77817fd28
SHA512

1c7b11ee55bd812e373b0e111954a8fe50a4e91b27fd8ccd5c5b3692ac56cb9ea3b8c43213fb796cc4c623dea3ba7b44ea50ab34fc8fb44080165b0817059699
SSDEEP

768:nXo3QM9UZMaUXDBt5k0i86vf6DNzxh5S0N+VkzZ7+QpvpOjWBVx6LoLt0ynziLJr:nXoXDDT9ibkTh5iklCQpoqBWMGyGLJM

Score

N/A

Malware Config

Signatures

Files

8123ed3e214fed631bdca0157577c8afd6853eb017ca6e56166beff77817fd28
.dll windows x86

6cc5faee3436799a438fc38a8639d450

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

idqls31

ILRemoveLastID
ImmPutImeMenuItemsIntoMappedFile
strtol
isxdigit
_alldiv
wcslen
CtfImmCoUninitialize
strrchr
ImmSetActiveContextConsoleIME
strncmp
IsUserAnAdmin
_aulldiv
IsLFNDriveA
CtfImmLeaveCoInitCountSkipMode
DoEnvironmentSubstA
isupper
CtfImmDispatchDefImeMessage
_wcsnicmp
iswctype
CtfImmSetAppCompatFlags

kernel32

SleepEx
OpenThread
VirtualQuery
CompareStringA
MapViewOfFile
SetThreadIdealProcessor
HeapFree
GetSystemTimeAdjustment
MapViewOfFileEx
HeapDestroy
TransactNamedPipe
UnmapViewOfFile
PostQueuedCompletionStatus
CreateIoCompletionPort
GetQueuedCompletionStatus
HeapCreate
CreateFileA
GetSystemTime
IsProcessorFeaturePresent
CreateNamedPipeA
CreateFileMappingA
HeapAlloc
SetFilePointer
CreateEventA
WaitForMultipleObjects
ExitProcess
ReadFile

Exports

Exports

CreateProcessNotify
5debbDgI

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cc5faee3436799a438fc38a8639d450

Headers

File Characteristics

Imports

idqls31

kernel32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 36KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 4KB