EstablishApiHooksA
EstablishApiHooksW
Static task: static1
Behavioral task: behavioral1
Sample: b78f546f54f6b2b41e1e2eb6eeff627281d292f5ac668d8e91efe171bba4bf26.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b78f546f54f6b2b41e1e2eb6eeff627281d292f5ac668d8e91efe171bba4bf26.dll
Resource: win10v2004-20220812-en
Target: b78f546f54f6b2b41e1e2eb6eeff627281d292f5ac668d8e91efe171bba4bf26
Size: 5KB
MD5: b60a89cbb967486c5a9ce8e7e30225ea
SHA1: 2d16c16e20f31a3fe97ab4e058daa3a8ee0e5f4f
SHA256: b78f546f54f6b2b41e1e2eb6eeff627281d292f5ac668d8e91efe171bba4bf26
SHA512: 16e845a8bfb4afdf6ecb040051f5c8002c2b3458be94faf871889674011d6ccfde40f75548ee83e4aa918d9391b506ae9a7fac938a189b15159b0e7ee8f0e24a
SSDEEP: 96:z9Gg5kDxPpsQO6LMs45aLgfIY2xHJF1603fUPwv:zPW5HrFLeSJF1fUI
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
WideCharToMultiByte
LeaveCriticalSection
LoadLibraryA
GetProcAddress
GetModuleHandleA
VirtualProtect
lstrcmpiA
IsBadReadPtr
VirtualQuery
GetModuleFileNameA
ord1
OpenProcess
GetVersion
GetCurrentProcessId
CloseHandle
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
SuspendThread
VirtualProtectEx
ReadProcessMemory
GetThreadContext
SetThreadContext
ResumeThread
EstablishApiHooksA
EstablishApiHooksW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ