CreateProcessNotify
qprosmss
Static task
static1
Behavioral task
behavioral1
Sample
e2a1603a833dfa949efc4c51696d4b044dde307c3aeb9165715b4efa6ab92bb9.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e2a1603a833dfa949efc4c51696d4b044dde307c3aeb9165715b4efa6ab92bb9.dll
Resource
win10v2004-20220812-en
Target
e2a1603a833dfa949efc4c51696d4b044dde307c3aeb9165715b4efa6ab92bb9
Size
50KB
MD5
89b4f75d4e7e35bd0a92f5c0880bcb08
SHA1
56e1700860be9e8d944cb2c4b9a15141f6df0fb4
SHA256
e2a1603a833dfa949efc4c51696d4b044dde307c3aeb9165715b4efa6ab92bb9
SHA512
edce71c6e08dbb8b02c0702b02ebdc5d26a198f9849fcf1fc4f62b1fa5f66f1cfd28ef5b9462d4692f3af5d87a37ff63eff789c9d718a7a74e618790ad53ef97
SSDEEP
1536:U5SwCnIWRCuSYQnB/91PDb5TNnQYibXD:U5Hc+YQnB/91rFTOYibXD
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
_strlwr
_ultoa
_CIsqrt
_allshr
ImmSystemHandler
ImmGetStatusWindowPos
labs
ReadCabinetState
sqrt
strtoul
CDefFolderMenu_Create2
ImmEscapeA
cos
ImmGetVirtualKey
sprintf
floor
isdigit
OpenRegStream
Activate_RunDLL
CtfImmCoUninitialize
_CIcos
wcscpy
GetKeyboardLayoutCP
towupper
wcstombs
ImmGetProperty
_alloca_probe
MapViewOfFileEx
lstrlenA
GetThreadContext
VirtualQuery
CreateEventA
IsProcessorFeaturePresent
SleepEx
RtlFillMemory
RegisterWaitForSingleObjectEx
CreateFileMappingA
OpenThread
ExitProcess
WaitForMultipleObjects
UnmapViewOfFile
SleepEx
lstrcatA
CreateProcessNotify
qprosmss
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ