F:\Dock1.9.9.2\x64\Release\Dock_64.pdb
Static task
static1
General
-
Target
Dock_64.exe
-
Size
11.3MB
-
MD5
2f0f3bebc8551d83ebcad7f8bc12da1d
-
SHA1
4b4bddd9af05e311a7d7954f89f43c609ff989f3
-
SHA256
a7b46dada6578adad7f2cee3f62ac667ff76122cadcfe73c52ee275f1f3d5d6a
-
SHA512
c9619b97696329d9027b1532fd2be27db60a559e4e9db6ddddf387a5a29bb938a776536e9a76a054b6552ab395d725b8b4a68bdb1a4008ac660d283ede349df9
-
SSDEEP
196608:re0vN07TebS7XUuu9ZCbTLRLFte9znRsClSq:q0W7To6XUuunmNe9zR1l9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
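Checks for missing Authenticode signature. No embedded signature was found, so the publisher and integrity of the file cannot be verified from the binary itself; on its own this is a weak indicator, since many legitimate programs ship unsigned.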
resource Dock_64.exe
Files
-
Dock_64.exe.exe windows:6 windows x64 arch:x64
641531b302ff83bc29d4c168e1252921
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\Dock1.9.9.2\x64\Release\Dock_64.pdb
Imports
api-ms-win-core-com-l1-1-0
CoTaskMemAlloc
StringFromGUID2
CLSIDFromString
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoCreateFreeThreadedMarshaler
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
LoadLibraryA
FindResourceW
api-ms-win-core-libraryloader-l1-2-0
FreeLibrary
FreeLibraryAndExitThread
LoadLibraryExA
GetModuleFileNameW
LoadResource
GetProcAddress
GetModuleHandleW
LoadStringW
LoadLibraryExW
LockResource
SizeofResource
api-ms-win-ntuser-sysparams-l1-1-0
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplayMonitors
GetSystemMetrics
SystemParametersInfoW
oleaut32
SysAllocString
VariantInit
SysFreeString
VariantClear
CreateErrorInfo
SetErrorInfo
SysStringLen
VariantChangeType
GetErrorInfo
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-file-l1-1-0
UnlockFile
SetFilePointerEx
RemoveDirectoryA
CreateDirectoryA
CreateDirectoryW
FlushFileBuffers
DeleteFileA
CreateFileA
GetLogicalDriveStringsW
GetFileAttributesA
LockFile
FindNextFileA
FindFirstFileExW
SetFileAttributesW
FindFirstFileA
GetDriveTypeW
SetEndOfFile
GetVolumeInformationW
CreateFileW
GetShortPathNameW
GetDiskFreeSpaceExW
GetFileAttributesExA
GetFileSizeEx
GetFileAttributesExW
GetFileSize
ReadFile
GetFileTime
DeleteFileW
SetFileTime
GetFileType
FindNextFileW
SetFilePointer
FindClose
GetFileInformationByHandle
GetLongPathNameW
GetFileAttributesW
LocalFileTimeToFileTime
WriteFile
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
d3dcompiler_47
D3DCompile
d3d11
CreateDirect3D11DeviceFromDXGIDevice
D3D11CreateDevice
api-ms-win-mm-time-l1-1-0
timeGetTime
timeEndPeriod
timeBeginPeriod
api-ms-win-core-processthreads-l1-1-0
OpenThread
GetCurrentProcessId
GetExitCodeProcess
TlsGetValue
GetExitCodeThread
OpenProcessToken
CreateProcessW
TlsSetValue
GetCurrentThread
SetPriorityClass
GetCurrentProcess
ExitProcess
TlsFree
TerminateProcess
GetCurrentThreadId
ResumeThread
TlsAlloc
ExitThread
CreateThread
api-ms-win-core-errorhandling-l1-1-0
SetErrorMode
SetUnhandledExceptionFilter
RaiseException
SetLastError
GetLastError
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-file-l2-1-0
MoveFileExW
api-ms-win-core-kernel32-legacy-l1-1-0
CreateFileMappingA
MoveFileW
MoveFileA
GetComputerNameW
api-ms-win-core-file-l2-1-2
CopyFileW
api-ms-win-core-psapi-l1-1-0
QueryFullProcessImageNameW
K32GetProcessMemoryInfo
K32EnumProcesses
api-ms-win-core-kernel32-legacy-l1-1-1
SetDllDirectoryW
api-ms-win-core-debug-l1-1-0
OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-localization-l1-2-0
GetLocaleInfoW
LCMapStringW
IsValidLocale
IsValidCodePage
EnumSystemLocalesW
FormatMessageW
GetUserDefaultLCID
GetOEMCP
GetACP
GetSystemDefaultLCID
FormatMessageA
api-ms-win-core-synch-l1-1-0
TryEnterCriticalSection
DeleteCriticalSection
CreateEventW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
SetWaitableTimer
OpenEventW
SetEvent
InitializeCriticalSectionEx
api-ms-win-service-management-l1-1-0
OpenSCManagerW
dwrite
DWriteCreateFactory
d2d1
ord2
ord1
api-ms-win-core-version-l1-1-0
VerQueryValueW
api-ms-win-core-version-l1-1-1
GetFileVersionInfoW
api-ms-win-core-sysinfo-l1-1-0
GetSystemDirectoryW
GlobalMemoryStatusEx
GetWindowsDirectoryW
GetSystemInfo
GetTickCount64
GetSystemTime
GetSystemTimeAsFileTime
GetLocalTime
api-ms-win-core-util-l1-1-0
DecodePointer
api-ms-win-appmodel-runtime-l1-1-0
GetPackageFamilyName
api-ms-win-core-privateprofile-l1-1-0
WritePrivateProfileStringW
GetPrivateProfileStringW
api-ms-win-core-file-ansi-l2-1-0
ReplaceFileA
api-ms-win-core-memory-l1-1-0
VirtualFreeEx
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
VirtualQuery
ReadProcessMemory
VirtualAllocEx
UnmapViewOfFile
VirtualProtect
api-ms-win-core-file-l1-2-2
GetTempPathA
api-ms-win-core-heap-l2-1-0
GlobalFree
LocalAlloc
LocalFree
GlobalAlloc
api-ms-win-security-cryptoapi-l1-1-0
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam
api-ms-win-security-base-l1-1-0
GetTokenInformation
AdjustTokenPrivileges
crypt32
CryptStringToBinaryW
CryptStringToBinaryA
CryptBinaryToStringW
api-ms-win-core-registry-l1-1-0
RegCloseKey
RegEnumValueW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
RegQueryValueExW
RegDeleteValueW
RegGetValueW
RegSetValueExW
RegOpenKeyExW
rpcrt4
UuidFromStringW
api-ms-win-devices-config-l1-1-1
CM_Get_Parent
CM_Get_DevNode_Status
api-ms-win-core-registry-l2-1-0
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
HeapReAlloc
GetProcessHeap
HeapSize
api-ms-win-power-base-l1-1-0
CallNtPowerInformation
api-ms-win-core-processenvironment-l1-1-0
GetCommandLineW
SetStdHandle
SetCurrentDirectoryW
GetCommandLineA
GetCurrentDirectoryW
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetEnvironmentVariableW
ext-ms-win-networking-wlanapi-l1-1-0
WlanFreeMemory
WlanGetProfileList
WlanCloseHandle
WlanEnumInterfaces
WlanOpenHandle
WlanGetAvailableNetworkList
WlanSetProfile
WlanQueryInterface
ws2_32
WSACleanup
socket
WSAStartup
connect
iphlpapi
GetAdaptersInfo
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
api-ms-win-core-heap-obsolete-l1-1-0
GlobalLock
GlobalUnlock
GlobalSize
api-ms-win-core-timezone-l1-1-0
GetTimeZoneInformation
FileTimeToSystemTime
SystemTimeToFileTime
api-ms-win-power-setting-l1-1-0
PowerGetActiveScheme
api-ms-win-core-datetime-l1-1-0
GetDateFormatW
GetTimeFormatW
api-ms-win-core-file-l1-2-0
GetVolumePathNamesForVolumeNameW
powrprof
PowerSetActiveScheme
SetSuspendState
PowerEnumerate
PowerReadFriendlyName
api-ms-win-core-wow64-l1-1-1
IsWow64Process2
api-ms-win-core-processthreads-l1-1-3
SetProcessInformation
api-ms-win-core-processthreads-l1-1-2
GetSystemTimes
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-core-toolhelp-l1-1-0
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
api-ms-win-core-wow64-l1-1-0
IsWow64Process
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
api-ms-win-core-debug-l1-1-1
WaitForDebugEvent
ContinueDebugEvent
wlanapi
WlanDisconnect
WlanScan
WlanRegisterNotification
WlanConnect
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateStringReference
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
api-ms-win-core-synch-l1-2-1
CreateWaitableTimerW
coremessaging
CreateDispatcherQueueController
user32
WindowFromPoint
ReleaseDC
ShowWindow
IsWindowEnabled
GetWindowThreadProcessId
SetWindowsHookExA
SendNotifyMessageW
GetTouchInputInfo
GetDC
SendMessageA
GetDesktopWindow
SetWinEventHook
UnhookWinEvent
CloseTouchInputHandle
DestroyIcon
IsHungAppWindow
SetWindowLongA
GetMessageW
wsprintfW
MsgWaitForMultipleObjects
PeekMessageW
CallNextHookEx
SetWindowsHookExW
AllowSetForegroundWindow
keybd_event
OpenClipboard
CloseClipboard
EmptyClipboard
GetParent
ExitWindowsEx
GetLayeredWindowAttributes
GetClipboardData
EnableWindow
SetClipboardData
IsClipboardFormatAvailable
MonitorFromPoint
MonitorFromRect
QueryDisplayConfig
GetDisplayConfigBufferSizes
DisplayConfigGetDeviceInfo
EnumDisplaySettingsW
SetDisplayConfig
MonitorFromWindow
GetDoubleClickTime
CreatePopupMenu
DestroyMenu
GetKeyState
FindWindowA
SetWindowRgn
RegisterClassExW
LoadIconW
UpdateLayeredWindow
GetKeyboardLayoutList
UnregisterHotKey
LoadKeyboardLayoutW
RegisterShellHookWindow
SendMessageTimeoutA
GetShellWindow
SetMenu
SetLayeredWindowAttributes
GetClassNameW
GetMessageExtraInfo
IsZoomed
GetWindowLongA
IsIconic
GetWindowTextW
UnregisterClassW
GetKeyboardLayout
AttachThreadInput
SetFocus
PostMessageW
GetAncestor
GetClientRect
ActivateKeyboardLayout
UnregisterDeviceNotification
GetWindowTextLengthW
SetActiveWindow
GetWindowLongW
FindWindowExA
CloseWindow
SendMessageTimeoutW
SendMessageW
SetWindowTextW
SwitchToThisWindow
MoveWindow
LoadCursorW
SetCursor
SetForegroundWindow
ShowWindowAsync
GetWindow
GetWindowPlacement
DeregisterShellHookWindow
EndPaint
BeginPaint
SetWindowLongW
SetPropW
UpdateLayeredWindowIndirect
GetPropW
DefWindowProcW
IsWindow
PostMessageA
GetWindowRect
RegisterWindowMessageW
GetWindowTextLengthA
FindWindowW
GetMenuStringW
GetSubMenu
GetMenuItemCount
IsWindowVisible
GetMenu
GetMenuItemID
FindWindowExW
GetMenuState
GetSystemMenu
GetCursorPos
SetWindowLongPtrA
PostQuitMessage
KillTimer
GetWindowLongPtrA
TranslateMessage
TranslateAcceleratorW
ChangeWindowMessageFilter
UnhookWindowsHookEx
GetForegroundWindow
RegisterHotKey
RegisterTouchWindow
SetTimer
DispatchMessageW
LoadAcceleratorsW
RemovePropW
CreateWindowExW
MessageBoxW
SetWindowPos
DestroyWindow
TrackMouseEvent
ole32
CoInitialize
OleUninitialize
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize
imm32
ImmReleaseContext
ImmGetCompositionStringW
ImmGetContext
ImmGetDefaultIMEWnd
ImmSetCompositionWindow
ImmAssociateContext
oleacc
WindowFromAccessibleObject
AccessibleChildren
AccessibleObjectFromWindow
cfgmgr32
CM_Query_And_Remove_SubTreeW
CM_Request_Device_EjectW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
kernel32
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
RtlPcToFileHeader
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetCompressedFileSizeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
GetStringTypeW
WaitForSingleObjectEx
SwitchToThread
GetNativeSystemInfo
QueryPerformanceCounter
QueryPerformanceFrequency
GetLocaleInfoEx
CompareStringEx
EnterCriticalSection
EncodePointer
LCMapStringEx
GetCPInfo
SetFileInformationByHandle
GetTempPathW
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceComplete
FlsGetValue
FlsSetValue
FlsFree
InitializeSRWLock
InitOnceExecuteOnce
SleepConditionVariableCS
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
InitOnceBeginInitialize
GetFileInformationByHandleEx
CreateSymbolicLinkW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
InitializeSListHead
GetStartupInfoW
CreateThreadpoolWork
FlsAlloc
InitializeConditionVariable
shell32
SHBrowseForFolderW
SHGetFolderLocation
ord190
SHGetSpecialFolderLocation
SHCreateItemFromIDList
ShellExecuteExW
ord6
SHFileOperationW
SHGetPathFromIDListW
SHEmptyRecycleBinW
SHGetFileInfoW
SHGetPropertyStoreForWindow
ord155
ord727
SHOpenFolderAndSelectItems
SHCreateItemInKnownFolder
SHCreateItemFromParsingName
SHBindToParent
SHAppBarMessage
SHGetKnownFolderPath
ShellExecuteW
SHCreateShellItemArrayFromIDLists
ord195
ord88
DragAcceptFiles
SHQueryUserNotificationState
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHParseDisplayName
advapi32
ControlService
OpenServiceW
InitiateShutdownW
GetUserNameW
CloseServiceHandle
winmm
PlaySoundW
shlwapi
PathFileExistsW
AssocQueryStringW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIA
StrStrIW
StrRetToBufW
ord176
ord487
PathIsNetworkPathW
urlmon
URLDownloadToFileW
CopyStgMedium
gdi32
CreatePen
SetBkMode
DeleteDC
GetBitmapBits
DeleteObject
Rectangle
GetPixel
BitBlt
SetDIBitsToDevice
GetStockObject
SetLayout
CreateCompatibleDC
CreateDIBSection
SelectObject
CombineRgn
CreateEllipticRgn
GetDeviceCaps
GetObjectW
CreateRectRgn
dwmapi
DwmUpdateThumbnailProperties
DwmGetWindowAttribute
DwmUnregisterThumbnail
DwmSetWindowAttribute
DwmEnableBlurBehindWindow
DwmRegisterThumbnail
DwmQueryThumbnailSourceSize
DwmIsCompositionEnabled
msimg32
AlphaBlend
dxva2
SetMonitorBrightness
GetPhysicalMonitorsFromHMONITOR
DestroyPhysicalMonitors
GetNumberOfPhysicalMonitorsFromHMONITOR
GetMonitorBrightness
steam_api64
SteamAPI_Init
SteamAPI_RegisterCallback
SteamAPI_ReleaseCurrentThreadMemory
SteamAPI_IsSteamRunning
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallResult
SteamInternal_FindOrCreateUserInterface
SteamAPI_GetHSteamUser
SteamInternal_ContextInit
SteamAPI_RunCallbacks
SteamAPI_Shutdown
dbghelp
MiniDumpWriteDump
virtdisk
OpenVirtualDisk
GetStorageDependencyInformation
DetachVirtualDisk
bluetoothapis
BluetoothSetServiceState
BluetoothGetRadioInfo
BluetoothFindFirstRadio
BluetoothFindRadioClose
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
version
GetFileVersionInfoSizeW
comctl32
ImageList_Create
ImageList_Draw
ImageList_Destroy
ImageList_ReplaceIcon
rasapi32
RasEnumConnectionsW
RasEnumEntriesW
RasHangUpW
RasDialW
RasGetEntryDialParamsW
api-ms-win-shcore-scaling-l1-1-1
GetScaleFactorForMonitor
pdh
PdhRemoveCounter
PdhCloseQuery
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhOpenQueryW
PdhAddCounterW
api-ms-win-core-rtlsupport-l1-1-0
RtlUnwind
RtlUnwindEx
api-ms-win-core-interlocked-l1-1-0
InterlockedFlushSList
InterlockedPushEntrySList
api-ms-win-core-console-l1-1-0
GetConsoleMode
SetConsoleCtrlHandler
GetConsoleOutputCP
ReadConsoleW
WriteConsoleW
Sections
.text Size: 7.7MB - Virtual size: 7.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 159KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 430KB - Virtual size: 429KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1021KB - Virtual size: 1021KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ