WndHooksInstaller[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

WndHooksInstaller.dll
Size

108KB
MD5

458147edbe7fd6397750f1927827d0b5
SHA1

01f6868a192889e01248720efda4cf751c52cadd
SHA256

289547f656ca41ff0d5405c013c10e642746c6c7d7ad18e7713cc8037ca68f33
SHA512

2151d242c3cee30fdde9d3f35e11509310dccec2b7b4c3cf222fddc8b71f73459c2a625ec8ef9718cab4f26beb7d7e2463163cffed7c4f077832a37b66f3127a
SSDEEP

1536:Ybnv/jMiNgDFDFwFV/avBRUayz2kEJwKm8Fci7ClGCQ04Xasx:YbnvL2FRBAayZo7ClGCiXaQ

Score

N/A

Malware Config

Signatures

Files

WndHooksInstaller.dll
.dll regsvr32 windows x86

9983efc20d2ac2cd04c1b07a25b46ef2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

windowshooksu

Init
SetFilter
InstallHook

kernel32

lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
DisableThreadLibraryCalls
Sleep
GetModuleFileNameW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
GetCurrentProcessId
GetModuleHandleW
VirtualProtect
CloseHandle
HeapReAlloc
GetVersionExA
RaiseException
RtlUnwind
ExitProcess
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapAlloc
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
VirtualQuery
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
SetFilePointer
MultiByteToWideChar
GetSystemInfo

advapi32

RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemFree
StringFromCLSID
CoCreateInstance

oleaut32

SysStringLen
LoadTypeLi
LoadRegTypeLi
SysAllocString
RegisterTypeLi
SysFreeString
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayGetElement

atl71

ord55
ord15
ord64
ord61
ord49
ord56
ord31
ord32
ord58
ord18
ord22
ord23

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9983efc20d2ac2cd04c1b07a25b46ef2

Headers

File Characteristics

Imports

windowshooksu

kernel32

advapi32

ole32

oleaut32

atl71

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 8KB - Virtual size: 5KB