InitHook
Static task
static1
General
-
Target
SppExtComObjHook.dll
-
Size
15KB
-
MD5
a1bfb666f2fd085567fd7f10aa9ee0eb
-
SHA1
b61dc84c23947a3d1deb6866b95eaf566ad9d75e
-
SHA256
682ae3f26428cff3a6c5a1d84022650f8a818838eeaefcb6071b813169d3d6f6
-
SHA512
35a3c9364bb42390973cfef129ec55b25010d32439cd1d57678175bdbf017844636de0e54eca8adfd5ecf5b9515b1d1c13be0c6d15e97b8df2a9f3b06b9683fe
-
SSDEEP
384:LfIJIlOd6XKDxtHuUVGrQ7Pnp9RcDL1/MZElFBDx:TIJIlOd6i/V1D/RDwDx
Malware Config
Signatures
Files
-
SppExtComObjHook.dll.dll (windows, x64)
63a76c31d70c29e01d71b628052a98be
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcrt
_wcsupr
wcsstr
_stricmp
_time64
_localtime64
_vsnwprintf
wcsrchr
wcslen
_errno
memcmp
wcstoul
_wcsicmp
memset
memcpy
kernel32
GetSystemDefaultLCID
GetProcessHeap
GetModuleFileNameW
GetCurrentProcess
SetEvent
GetCurrentThread
GetLastError
SetLastError
GetProcAddress
DisableThreadLibraryCalls
GetModuleHandleA
VirtualProtect
WriteProcessMemory
HeapAlloc
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptHashData
CryptDestroyHash
CryptDecrypt
CryptDestroyKey
CryptCreateHash
CryptEncrypt
CryptImportKey
CryptGenRandom
CryptReleaseContext
CryptSetKeyParam
CryptAcquireContextW
CryptSetHashParam
CryptGetHashParam
Exports
Sections
.text Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 492B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 80B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ