04654a464e8309184a1f790cf90639cefe065870ec5f9bd188b37d715f847d3a

Sharing

Copy URL Twitter E-mail

General

Target

04654a464e8309184a1f790cf90639cefe065870ec5f9bd188b37d715f847d3a
Size

806KB
MD5

dc83966d97eb4faca436b502d9fad4be
SHA1

adf70e3b998e685f1e37548cbea72a451424baab
SHA256

04654a464e8309184a1f790cf90639cefe065870ec5f9bd188b37d715f847d3a
SHA512

61132e14cec837d423eccd131d4a074404663b98324979408ed73c5877af411d1c6a234e682eeb9d6e033dc66268f1ddea1e6259eb5ed8d672476ad19eb7326c
SSDEEP

12288:/8XXW9b2Od2oC315yJSuC2av7i0LDfd5as4+K9aOQXrqk4tcw8LMDhsm:/8XXW4fd5as4b9aOQXrqk4tcw8kj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04654a464e8309184a1f790cf90639cefe065870ec5f9bd188b37d715f847d3a

Files

04654a464e8309184a1f790cf90639cefe065870ec5f9bd188b37d715f847d3a
.dll windows:6 windows x86 arch:x86

0c465ab43481fa5b602b5115afc689b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

B:\b\discord_desktop\build_x86\x86_mt\DiscordHook.dll.pdb

Imports

user32

CallNextHookEx
DefWindowProcW
DispatchMessageW
GetClientRect
GetKeyState
GetKeyboardLayout
GetMessageW
GetMonitorInfoW
GetRawInputData
GetSystemMetrics
GetWindowRect
IsIconic
IsWindowVisible
LoadCursorW
MapVirtualKeyW
MonitorFromWindow
PostMessageW
PtInRect
RegisterWindowMessageA
ScreenToClient
SetRect
TranslateMessage
WindowFromDC

kernel32

AcquireSRWLockExclusive
CancelIo
CancelIoEx
CancelSynchronousIo
CloseHandle
CompareStringEx
CompareStringW
ConnectNamedPipe
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateIoCompletionPort
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
FillConsoleOutputAttribute
FillConsoleOutputCharacterW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoEx
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeHandleStateW
GetNumberOfConsoleInputEvents
GetOEMCP
GetProcAddress
GetProcessHeap
GetQueuedCompletionStatus
GetQueuedCompletionStatusEx
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
K32GetModuleBaseNameW
K32GetModuleInformation
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenProcess
OpenThread
OutputDebugStringA
PeekNamedPipe
PostQueuedCompletionStatus
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserWorkItem
RaiseException
ReadConsoleInputW
ReadConsoleW
ReadDirectoryChangesW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSemaphore
ResetEvent
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileCompletionNotificationModes
SetFilePointerEx
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadContext
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SuspendThread
SwitchToThread
TerminateProcess
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleInputW
WriteConsoleW
WriteFile

advapi32

AllocateAndInitializeSid
ConvertSidToStringSidA
ConvertStringSecurityDescriptorToSecurityDescriptorA
FreeSid
GetSecurityInfo
GetTokenInformation
OpenProcessToken
SetEntriesInAclW
SetSecurityInfo

imm32

ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetContext
ImmIsIME
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow

gdi32

SwapBuffers

ole32

CoTaskMemFree

shlwapi

PathFindFileNameW

ws2_32

WSADuplicateSocketW
WSAGetLastError
WSAIoctl
WSARecv
WSARecvFrom
WSASend
WSASetLastError
WSASocketW
WSAStartup
bind
closesocket
getsockopt
htons
ioctlsocket
listen
select
setsockopt
shutdown
socket

Exports

Exports

_dummy_debug_proc@12

Sections

.text
Size: 630KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c465ab43481fa5b602b5115afc689b9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

advapi32

imm32

gdi32

ole32

shlwapi

ws2_32

Exports

Exports

Sections

.text Size: 630KB - Virtual size: 630KB

.rdata Size: 119KB - Virtual size: 118KB

.data Size: 19KB - Virtual size: 42KB

.00cfg Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 29B

.reloc Size: 35KB - Virtual size: 34KB

.text
Size: 630KB - Virtual size: 630KB

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 19KB - Virtual size: 42KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 29B

.reloc
Size: 35KB - Virtual size: 34KB