Keyscape[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

Keyscape.dll
Size

28.7MB
MD5

c21a368ec5cda834d05427215d133ad7
SHA1

4bf1782edce18a69790d4367ecfe354db7d67ccf
SHA256

18f86e3e7e60516f4e78be5eb30e4715263df9ca7624f5fee070845d27d7f288
SHA512

db10da10347a69fd2ba813986a7cd97032073262d6aaebfa806892aaec246f78a6e43075081ce39afcc9c5163aec76e0fdc467f3cd135c5e1021bc63cda3d9b8
SSDEEP

393216:ifn2AIWCby4rsgKFwaJ2JTzEys2jJknCt2OCAC7ksz/8t:ifn2ZrsgnBJTzuyJlt2OCAC7ky/8t

Score

N/A

Malware Config

Signatures

Files

Keyscape.dll
.dll windows x64

5431b6614a8c0a35a6a9a49d9c340d07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

psapi

GetModuleBaseNameA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCheckConnectionA

kernel32

lstrcmpA
FileTimeToSystemTime
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
MoveFileA
DeleteFileA
ReadFile
FlushFileBuffers
SetEndOfFile
GetFullPathNameA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
GetCurrentDirectoryA
HeapReAlloc
FlsSetValue
GetCommandLineA
GetSystemTimeAsFileTime
GetDriveTypeA
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalGetAtomNameA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RaiseException
RtlPcToFileHeader
GetDriveTypeW
RtlUnwindEx
HeapQueryInformation
ExitProcess
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
GetStdHandle
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStartupInfoA
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetFullPathNameW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
GetModuleHandleW
CompareStringA
GlobalSize
FormatMessageA
lstrlenA
GetModuleHandleA
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalFree
LocalAlloc
GetVersionExA
FreeLibrary
SetLastError
HeapFree
GetProcessHeap
HeapAlloc
GlobalMemoryStatus
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalLock
GlobalUnlock
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
WinExec
PeekNamedPipe
ReleaseSemaphore
WaitForMultipleObjects
ExitThread
CreateSemaphoreA
CreateEventA
CreateThread
SetThreadPriority
FindResourceA
LoadResource
SizeofResource
LockResource
GetLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
CreateDirectoryW
GlobalAlloc
GlobalFree
FindFirstFileW
FindNextFileW
CreateFileW
GetFileSizeEx
GetModuleHandleExA
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
VirtualUnlock
VirtualLock
SetProcessWorkingSetSize
GetCurrentThreadId
GetCurrentProcess
RemoveDirectoryA
Sleep
FindFirstFileA
FindClose
GetWindowsDirectoryA
GetSystemTime
SystemTimeToFileTime
CopyFileA
SetFileAttributesA
SetFilePointer
WriteFile
SetFileTime
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetTickCount
GetDiskFreeSpaceExA
CreateFileA
GetLastError
GetFileInformationByHandle
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
IsDebuggerPresent

user32

WindowFromPoint
SetCapture
InvalidateRect
PostQuitMessage
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
GetMenuItemInfoA
ClientToScreen
SetWindowTextA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
MapWindowPoints
TrackPopupMenu
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
CreateWindowExW
SetWindowLongPtrW
SendMessageW
GetWindowTextW
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextA
CreatePopupMenu
GetUpdateRgn
TrackMouseEvent
DrawTextW
GetCursor
GetDoubleClickTime
GetAsyncKeyState
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
GetMessagePos
ReleaseCapture
DispatchMessageA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
UnregisterClassA
GetMenuState
AppendMenuA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
OpenClipboard
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
GetSystemMetrics
MessageBoxA
wsprintfA
LoadCursorA
SetCursor
SetMenuItemInfoA
AppendMenuW
GetClassInfoExA

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
SetViewportExtEx
CreateSolidBrush
SetViewportOrgEx
OffsetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
SelectObject
CreateDIBSection
CreateFontIndirectW
DeleteObject
DeleteDC
CreateRectRgn
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32A
ExtTextOutA
CreateFontIndirectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

shell32

SHCreateItemFromParsingName
DragQueryFileA
SHGetFolderPathA
ShellExecuteA

ole32

CoInitialize
CoCreateInstance
OleUninitialize
OleInitialize
RegisterDragDrop
RevokeDragDrop

oleaut32

VariantChangeType
VariantInit
VariantClear

ws2_32

WSAStartup

oleacc

LresultFromObject
CreateStdAccessibleObject

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneBrush
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneBitmapAreaI
GdipCloneImage
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteBrush
GdipSetSolidFillColor
GdipCreatePen1
GdipDeletePen
GdipCreatePath
GdipDeletePath
GdipDeleteGraphics
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromResource
GdiplusStartup
GdipSetImageAttributesColorMatrix
GdipCreateSolidFill
GdipSetPenWidth
GdipSetPenColor
GdipSetPenDashStyle
GdipAddPathArc
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipReleaseDC
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetPageUnit
GdipDrawLines
GdipDrawLineI
GdipDrawRectangle
GdipDrawPolygon
GdipDrawPath
GdipFillRectangle
GdipFillRectangleI
GdipFillPolygon
GdipFillPath
GdipDrawImageRectRectI
GdipSetClipRectI
GdipGetDC

Exports

Exports

main

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.3MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18.0MB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5431b6614a8c0a35a6a9a49d9c340d07

Headers

File Characteristics

Imports

psapi

version

wininet

kernel32

user32

gdi32

winspool.drv

shell32

ole32

oleaut32

ws2_32

oleacc

gdiplus

Exports

Exports

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 739KB - Virtual size: 738KB

.data Size: 6.3MB - Virtual size: 7.1MB

.pdata Size: 148KB - Virtual size: 148KB

.rsrc Size: 18.0MB - Virtual size: 18.0MB

.reloc Size: 166KB - Virtual size: 166KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 739KB - Virtual size: 738KB

.data
Size: 6.3MB - Virtual size: 7.1MB

.pdata
Size: 148KB - Virtual size: 148KB

.rsrc
Size: 18.0MB - Virtual size: 18.0MB

.reloc
Size: 166KB - Virtual size: 166KB