GetMsgHookOff
GetMsgHookOn
ThreadPro
Behavioral task | Sample | Resource |
---|---|---|
behavioral1 | bb679977c59acacdc404c2195721de2aa70c234780141e005bf91a59837fa82f.dll | win7-20221111-en |
behavioral2 | bb679977c59acacdc404c2195721de2aa70c234780141e005bf91a59837fa82f.dll | win10v2004-20220812-en |
Target: bb679977c59acacdc404c2195721de2aa70c234780141e005bf91a59837fa82f
Size: 60KB
MD5: 1b988960df618c44ffdfa55d90fe9f9d
SHA1: 8ab976f59685db92803299767fbf56db0a02d9d1
SHA256: bb679977c59acacdc404c2195721de2aa70c234780141e005bf91a59837fa82f
SHA512: 546f7c4c6824a03772a1d56f62c358722a1688e48eaf7dd9a2bc6baa2b3624d4893919f7f4b878b6ac198f9e89f00b52770864a459c44b38b564a9cb26faf916
SSDEEP: 768:0C7IqdStQUw5CITcYgUAuLTnnzNppkIW:DEqYtQZ5CIPzNHk3
Processes:
resource | yara_rule |
---|---|
sample | modiloader_stage2 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE