Hkeyboard[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Hkeyboard.dll
Size

33KB
MD5

4a449d5687e257458645a5c90d14bc98
SHA1

ab6ebd35d53a88f1d0765eda9445cbee4bb3220c
SHA256

6ad45c471c01e0d34b1b84d7407ab62ae4d28b2300371787b81d25bab6852501
SHA512

e62bfb7fa61b2dec3b129f4e9090fb046b43e0efdb7ae5e2eed3353d68a06562292f2a88d8e78c908f4ff8f6fb52ea7435ecf9e6d623a6e7d3b49205140177a4
SSDEEP

384:e2jMe1NGfNdpRJ/uArSku5BhN8AM/tTSDiScEhcfQloS+1nu6EDHJ59sd1+C3vyb:bD2wESh57N6ZSDrhLFmnTEDi3vyj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Hkeyboard.dll

Files

Hkeyboard.dll
.dll windows x86

1b669a2d58b807d51f86852e6e75d3cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
Sleep
ReadFile
GetProcAddress
VirtualAlloc
DisableThreadLibraryCalls
LoadLibraryA
IsDebuggerPresent
CloseHandle
lstrcpyW
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

user32

MessageBoxA

Exports

Exports

?InstallKBHook@@YAHXZ
?SetDisablePrintScreen@@YAXH@Z
?UnInstallKBHook@@YAHXZ

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b669a2d58b807d51f86852e6e75d3cb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 1KB