F:\Dock1.9.9.6\x64\Release\Dock_64.pdb
Static task
static1
General
-
Target
Dock_64.exe
-
Size
11.8MB
-
MD5
fa70a7f58b8ee080de65c7622203fd04
-
SHA1
9ae5b3ad5b31da5cf1f492a446443d2bcc52f54e
-
SHA256
5123e66428fda62ddb945c92396940b3ad9a191a3f105f458681d695d5cbea8b
-
SHA512
3488cfe3cfed6a5a9a539e4247460b745f53bbc544721d2c357050c542a8e08981fc68a94c0a6b54c04d030360f5d1d1e2338a71a531cc98d1f183fe3e2114c4
-
SSDEEP
196608:MC7iX+WRPo92WdOpe+5YShUZy3+snIUQRsClS7:N7pWRPoIWo4+aSq03+xR1ls
Malware Config
Signatures
-
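Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The resource listed below carries no Authenticode signature in the file, so its publisher and integrity cannot be confirmed from a signature; on its own, an unsigned binary is a weak indicator and should be weighed together with the hashes, imports and sections in this report.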
resource Dock_64.exe
Files
-
Dock_64.exe.exe windows:6 windows x64 arch:x64
397b5910c723b793be7d27e46a4378e3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
api-ms-win-core-com-l1-1-0
CoInitializeSecurity
StringFromGUID2
CLSIDFromString
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoSetProxyBlanket
CoUninitialize
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryA
LoadLibraryW
FindResourceW
api-ms-win-core-libraryloader-l1-2-0
LoadLibraryExA
LoadStringW
FreeLibraryAndExitThread
LoadResource
GetModuleFileNameW
FreeLibrary
GetProcAddress
GetModuleHandleW
SizeofResource
LoadLibraryExW
LockResource
api-ms-win-ntuser-sysparams-l1-1-0
EnumDisplayDevicesW
GetMonitorInfoW
SystemParametersInfoW
EnumDisplayMonitors
GetSystemMetrics
oleaut32
VariantChangeType
VariantInit
SysFreeString
VariantClear
SysAllocString
GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysStringLen
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-file-l1-1-0
CreateFileA
GetFileAttributesA
GetLongPathNameW
GetFileAttributesExW
RemoveDirectoryA
UnlockFile
GetVolumeInformationW
CreateDirectoryA
LockFile
GetDriveTypeW
FindNextFileA
DeleteFileW
FindNextFileW
DeleteFileA
GetFileSize
GetDiskFreeSpaceExW
GetFileType
FindClose
FindFirstFileA
GetFileAttributesExA
SetEndOfFile
FlushFileBuffers
GetFileSizeEx
GetFileTime
CreateDirectoryW
ReadFile
GetFinalPathNameByHandleW
WriteFile
GetFileInformationByHandle
GetLogicalDriveStringsW
CreateFileW
LocalFileTimeToFileTime
GetFileAttributesW
SetFilePointer
SetFileTime
GetShortPathNameW
FindFirstFileExW
SetFileAttributesW
SetFilePointerEx
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
d3dcompiler_47
D3DCompile
d3d11
CreateDirect3D11DeviceFromDXGIDevice
D3D11CreateDevice
api-ms-win-mm-time-l1-1-0
timeBeginPeriod
timeGetTime
timeEndPeriod
api-ms-win-core-processthreads-l1-1-0
TlsGetValue
TlsSetValue
TlsAlloc
CreateThread
ExitThread
ResumeThread
CreateProcessW
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
SetPriorityClass
ExitProcess
OpenThread
GetCurrentThread
OpenProcessToken
GetExitCodeProcess
GetExitCodeThread
GetCurrentProcessId
TlsFree
api-ms-win-core-errorhandling-l1-1-0
SetErrorMode
RaiseException
GetLastError
SetUnhandledExceptionFilter
SetLastError
api-ms-win-core-processthreads-l1-1-1
OpenProcess
api-ms-win-core-file-l2-1-0
MoveFileExW
api-ms-win-core-kernel32-legacy-l1-1-0
CreateFileMappingA
MoveFileW
MoveFileA
GetComputerNameW
api-ms-win-core-file-l2-1-2
CopyFileW
api-ms-win-core-psapi-l1-1-0
K32GetProcessMemoryInfo
K32EnumProcesses
QueryFullProcessImageNameW
api-ms-win-core-kernel32-legacy-l1-1-1
SetDllDirectoryW
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
OutputDebugStringA
IsDebuggerPresent
api-ms-win-core-localization-l1-2-0
GetOEMCP
GetUserDefaultLCID
FormatMessageW
LCMapStringW
IsValidCodePage
GetACP
FormatMessageA
EnumSystemLocalesW
GetSystemDefaultLCID
GetLocaleInfoW
IsValidLocale
api-ms-win-core-synch-l1-1-0
CreateEventW
SetEvent
SetWaitableTimer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
OpenEventW
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionEx
api-ms-win-service-management-l1-1-0
OpenSCManagerW
dwrite
DWriteCreateFactory
d2d1
ord2
ord1
api-ms-win-core-version-l1-1-0
VerQueryValueW
api-ms-win-core-version-l1-1-1
GetFileVersionInfoW
api-ms-win-core-sysinfo-l1-1-0
GetSystemInfo
GetSystemTimeAsFileTime
GetLocalTime
GetWindowsDirectoryW
GetTickCount64
GetSystemTime
GlobalMemoryStatusEx
GetSystemDirectoryW
api-ms-win-core-util-l1-1-0
DecodePointer
api-ms-win-appmodel-runtime-l1-1-0
GetPackageFamilyName
api-ms-win-core-privateprofile-l1-1-0
WritePrivateProfileStringW
GetPrivateProfileStringW
api-ms-win-core-file-ansi-l2-1-0
ReplaceFileA
api-ms-win-core-memory-l1-1-0
VirtualQuery
VirtualAllocEx
ReadProcessMemory
MapViewOfFile
VirtualFreeEx
OpenFileMappingW
CreateFileMappingW
VirtualProtect
UnmapViewOfFile
api-ms-win-core-file-l1-2-2
GetTempPathA
api-ms-win-core-heap-l2-1-0
GlobalAlloc
LocalFree
LocalAlloc
api-ms-win-security-cryptoapi-l1-1-0
CryptGetHashParam
CryptCreateHash
CryptAcquireContextA
CryptDestroyHash
CryptHashData
CryptReleaseContext
api-ms-win-security-base-l1-1-0
GetTokenInformation
AdjustTokenPrivileges
crypt32
CryptStringToBinaryA
CryptStringToBinaryW
CryptBinaryToStringW
api-ms-win-core-registry-l1-1-0
RegNotifyChangeKeyValue
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
rpcrt4
UuidFromStringW
api-ms-win-devices-config-l1-1-1
CM_Get_Parent
CM_Get_DevNode_Status
api-ms-win-core-registry-l2-1-0
RegCreateKeyW
RegOpenKeyW
RegEnumKeyW
api-ms-win-core-heap-l1-1-0
HeapFree
HeapAlloc
GetProcessHeap
HeapSize
HeapReAlloc
api-ms-win-power-base-l1-1-0
CallNtPowerInformation
api-ms-win-core-processenvironment-l1-1-0
SetStdHandle
GetStdHandle
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentStringsW
GetCommandLineA
SetCurrentDirectoryW
SetEnvironmentVariableW
GetEnvironmentVariableW
ext-ms-win-networking-wlanapi-l1-1-0
WlanGetProfileList
WlanOpenHandle
WlanEnumInterfaces
WlanSetProfile
WlanCloseHandle
WlanQueryInterface
WlanGetAvailableNetworkList
WlanFreeMemory
ws2_32
WSACleanup
socket
WSAStartup
connect
iphlpapi
GetAdaptersInfo
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
api-ms-win-core-heap-obsolete-l1-1-0
GlobalUnlock
GlobalLock
GlobalSize
api-ms-win-core-timezone-l1-1-0
GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime
api-ms-win-power-setting-l1-1-0
PowerGetActiveScheme
api-ms-win-core-datetime-l1-1-0
GetTimeFormatW
GetDateFormatW
api-ms-win-core-file-l1-2-0
GetVolumePathNamesForVolumeNameW
powrprof
SetSuspendState
PowerEnumerate
PowerSetActiveScheme
PowerReadFriendlyName
api-ms-win-core-wow64-l1-1-1
IsWow64Process2
api-ms-win-core-processthreads-l1-1-3
SetProcessInformation
api-ms-win-core-processthreads-l1-1-2
GetSystemTimes
api-ms-win-security-sddl-l1-1-0
ConvertSidToStringSidW
api-ms-win-core-toolhelp-l1-1-0
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
api-ms-win-core-wow64-l1-1-0
IsWow64Process
api-ms-win-security-lsalookup-l2-1-0
LookupPrivilegeValueW
api-ms-win-core-debug-l1-1-1
ContinueDebugEvent
WaitForDebugEvent
wlanapi
WlanDisconnect
WlanRegisterNotification
WlanConnect
WlanScan
api-ms-win-core-winrt-string-l1-1-0
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsGetStringLen
WindowsCreateStringReference
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
api-ms-win-core-synch-l1-2-1
CreateWaitableTimerW
oleacc
WindowFromAccessibleObject
AccessibleChildren
AccessibleObjectFromWindow
imm32
ImmGetDefaultIMEWnd
ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmAssociateContext
ImmSetCompositionWindow
user32
IsWindowEnabled
PostMessageW
DestroyWindow
ReleaseDC
ShowWindow
SetWindowLongA
FindWindowExA
DispatchMessageW
wsprintfW
MsgWaitForMultipleObjects
PeekMessageW
CallNextHookEx
SetWindowsHookExW
AllowSetForegroundWindow
UnregisterHotKey
keybd_event
OpenClipboard
CloseClipboard
EmptyClipboard
ExitWindowsEx
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
SetWindowPlacement
MonitorFromPoint
MonitorFromRect
QueryDisplayConfig
GetDisplayConfigBufferSizes
DisplayConfigGetDeviceInfo
EnumDisplaySettingsW
SetDisplayConfig
MonitorFromWindow
GetDoubleClickTime
CreatePopupMenu
DestroyMenu
GetKeyState
LoadAcceleratorsW
SetWindowRgn
RegisterClassExW
LoadIconW
GetDC
UpdateLayeredWindow
DefWindowProcW
LoadKeyboardLayoutW
SetWindowLongW
RegisterShellHookWindow
SendMessageTimeoutA
GetShellWindow
GetLayeredWindowAttributes
SetMenu
SetLayeredWindowAttributes
GetClassNameW
IsZoomed
IsIconic
GetWindowTextW
GetWindowLongA
UnregisterClassW
GetKeyboardLayout
LockWorkStation
AttachThreadInput
SetFocus
SetTimer
GetClientRect
ActivateKeyboardLayout
UnregisterDeviceNotification
GetWindowTextLengthW
SetActiveWindow
GetWindowLongW
CloseWindow
FindWindowA
SendMessageTimeoutW
EnableWindow
SetWindowTextW
SwitchToThisWindow
MoveWindow
LoadCursorW
SetCursor
SetForegroundWindow
RegisterTouchWindow
GetMessageW
GetSystemMenu
ShowWindowAsync
GetWindow
GetWindowPlacement
TrackMouseEvent
GetAncestor
SendNotifyMessageW
BeginPaint
EndPaint
GetMessageExtraInfo
CloseTouchInputHandle
GetTouchInputInfo
DeregisterShellHookWindow
SendMessageW
DestroyIcon
SetWindowsHookExA
UpdateLayeredWindowIndirect
RegisterHotKey
SendMessageA
GetKeyboardLayoutList
SetWindowPos
MessageBoxW
GetWindowThreadProcessId
RemovePropW
CreateWindowExW
GetPropW
UnhookWinEvent
GetParent
SetWinEventHook
WindowFromPoint
IsWindow
PostMessageA
GetWindowRect
RegisterWindowMessageW
GetWindowTextLengthA
FindWindowW
GetMenuStringW
IsHungAppWindow
GetSubMenu
GetMenuItemCount
IsWindowVisible
GetMenu
GetMenuItemID
FindWindowExW
GetMenuState
GetCursorPos
SetWindowLongPtrA
PostQuitMessage
KillTimer
GetWindowLongPtrA
TranslateMessage
SetPropW
TranslateAcceleratorW
ChangeWindowMessageFilter
UnhookWindowsHookEx
GetForegroundWindow
GetDesktopWindow
ole32
RevokeDragDrop
RegisterDragDrop
OleUninitialize
CoInitialize
OleInitialize
cfgmgr32
CM_Query_And_Remove_SubTreeW
CM_Request_Device_EjectW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
kernel32
GetModuleHandleExW
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
RtlPcToFileHeader
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetCompressedFileSizeW
WaitForSingleObjectEx
SwitchToThread
GetNativeSystemInfo
WakeConditionVariable
QueryPerformanceFrequency
GetLocaleInfoEx
CompareStringEx
EnterCriticalSection
EncodePointer
LCMapStringEx
GetCPInfo
SleepConditionVariableSRW
GetTempPathW
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
QueryPerformanceCounter
InitOnceComplete
InitOnceBeginInitialize
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
InitializeSListHead
GetStartupInfoW
WakeAllConditionVariable
GetStringTypeW
SetFileInformationByHandle
CloseThreadpoolWork
shell32
SHGetSpecialFolderLocation
SHEmptyRecycleBinW
ord155
SHCreateItemInKnownFolder
SHBindToParent
SHGetKnownFolderPath
DragAcceptFiles
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHParseDisplayName
ord190
SHGetPropertyStoreForWindow
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteW
SHCreateShellItemArrayFromIDLists
ord195
ord88
ord727
SHCreateItemFromParsingName
SHBrowseForFolderW
SHOpenFolderAndSelectItems
SHGetFileInfoW
SHFileOperationW
SHGetFolderLocation
ord6
ShellExecuteExW
SHCreateItemFromIDList
SHQueryUserNotificationState
advapi32
InitiateShutdownW
OpenServiceW
ControlService
CloseServiceHandle
GetUserNameW
winmm
PlaySoundW
shlwapi
PathFileExistsW
AssocQueryStringW
PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathIsNetworkPathW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIA
StrStrIW
ord176
ord487
StrRetToBufW
urlmon
URLDownloadToFileW
gdi32
CreatePen
SetBkMode
DeleteDC
GetBitmapBits
GetStockObject
SetLayout
CreateCompatibleDC
BitBlt
GetObjectW
DeleteObject
GetPixel
SetDIBitsToDevice
CreateDIBSection
SelectObject
CombineRgn
CreateEllipticRgn
Rectangle
CreateRectRgn
GetDeviceCaps
dwmapi
DwmEnableBlurBehindWindow
DwmSetWindowAttribute
DwmUpdateThumbnailProperties
DwmUnregisterThumbnail
DwmRegisterThumbnail
DwmGetWindowAttribute
DwmQueryThumbnailSourceSize
DwmIsCompositionEnabled
msimg32
AlphaBlend
dxva2
SetMonitorBrightness
GetMonitorBrightness
GetPhysicalMonitorsFromHMONITOR
GetNumberOfPhysicalMonitorsFromHMONITOR
DestroyPhysicalMonitors
steam_api64
SteamAPI_IsSteamRunning
SteamInternal_ContextInit
SteamAPI_Shutdown
SteamAPI_GetHSteamUser
SteamInternal_FindOrCreateUserInterface
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_ReleaseCurrentThreadMemory
SteamAPI_Init
dbghelp
MiniDumpWriteDump
virtdisk
OpenVirtualDisk
GetStorageDependencyInformation
DetachVirtualDisk
bluetoothapis
BluetoothGetRadioInfo
BluetoothFindFirstRadio
BluetoothSetServiceState
BluetoothFindRadioClose
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
version
GetFileVersionInfoSizeW
comctl32
ImageList_Draw
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Create
rasapi32
RasHangUpW
RasEnumConnectionsW
RasDialW
RasEnumEntriesW
RasGetEntryDialParamsW
api-ms-win-shcore-scaling-l1-1-1
GetScaleFactorForMonitor
pdh
PdhRemoveCounter
PdhAddCounterW
PdhOpenQueryW
PdhCloseQuery
PdhCollectQueryData
PdhGetFormattedCounterValue
api-ms-win-core-rtlsupport-l1-1-0
RtlUnwindEx
RtlUnwind
api-ms-win-core-interlocked-l1-1-0
InterlockedFlushSList
InterlockedPushEntrySList
api-ms-win-core-console-l1-1-0
SetConsoleCtrlHandler
ReadConsoleW
WriteConsoleW
GetConsoleOutputCP
GetConsoleMode
api-ms-win-core-fibers-l1-1-0
FlsFree
FlsAlloc
FlsGetValue
FlsSetValue
Sections
.text Size: 8.0MB - Virtual size: 8.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 126KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 457KB - Virtual size: 457KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
memcpy_ Size: 512B - Virtual size: 264B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ