CreateProcessNotify
scartver
Task type | Task | Sample | Resource |
---|---|---|---|
Static task | static1 | | |
Behavioral task | behavioral1 | 14548d9fd5e154164fbafb0a7ebc8afc.dll | win7-20231129-en |
Behavioral task | behavioral2 | 14548d9fd5e154164fbafb0a7ebc8afc.dll | win10v2004-20231215-en |
Target
14548d9fd5e154164fbafb0a7ebc8afc
Size
56KB
MD5
14548d9fd5e154164fbafb0a7ebc8afc
SHA1
026bafcc252b3cb4f8bab15f5c1be4e2f58a1ced
SHA256
6e972fe07e121ff3b95dc1d408aa47c3cef2934c38386a277d76ee7baeb96b4b
SHA512
895f4b691f3ac28a9e591a29d4d85474215ae62eaa82fc7ff756a881c059eee9ccc042d8c014ed0f8ce808fd197f73621ee49125a28038485a164beeda87c185
SSDEEP
1536:jXqf0rC+5mjjWb8XN3aBQ+PJ+KeiCX87VwNo:jXqJ4qjX6PgPs7+N
Checks for missing Authenticode signature.
resource |
---|
14548d9fd5e154164fbafb0a7ebc8afc |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
UnhookWindowsHookEx
CallNextHookEx
ExitWindowsEx
FlashWindow
WindowFromPoint
KillTimer
DrawFocusRect
PostQuitMessage
ImmSetStatusWindowPos
ILSaveToStream
ILCreateFromPath
ILIsParent
ImmGetDescriptionA
ImmGetContext
ILAppendID
ExtractAssociatedIconExA
ImmLockIMCC
SdbFindFirstMsiPackage_Str
CallCPLEntry16
CtfImmLeaveCoInitCountSkipMode
IsUserAnAdmin
SetPermLayers
CtfImmCoUninitialize
DragQueryPoint
ImmDisableIME
ImmLockClientImc
RegenerateUserEnvironment
FreeIconList
ImmPenAuxInput
ImmGetConversionStatus
PrintersGetCommand_RunDLLA
SdbGetStandardDatabaseGUID
ImmNotifyIME
ILCombine
DoEnvironmentSubstA
FreeSid
RegQueryValueExA
ReadEncryptedFileRaw
RegFlushKey
OpenThreadToken
WriteEncryptedFileRaw
SetThreadContext
TerminateThread
InterlockedPopEntrySList
CreateNamedPipeA
InterlockedPushEntrySList
WaitForMultipleObjects
CompareStringA
CreateIoCompletionPort
GetNamedPipeHandleStateA
GetEnvironmentVariableA
GetFileTime
ConnectNamedPipe
GetThreadIOPendingFlag
ConvertDefaultLocale
SetFilePointer
CreateFileA
FileTimeToSystemTime
OpenThread
CreateFileMappingA
SetThreadPriority
RegisterWaitForSingleObject
GetModuleHandleA
WaitForSingleObjectEx
SetFilePointerEx
GetStringTypeA
VirtualQueryEx
MapViewOfFile
ReadFile
RegisterWaitForInputIdle
GetSystemDefaultLCID
GetFirmwareEnvironmentVariableA
GetFileAttributesA
UnmapViewOfFile
CoInitializeSecurity
NetShareEnum
_aulldvrm
CreateProcessNotify
scartver
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ