PGPhkDeleteHook
PGPhkSetHook
Static task
static1
Behavioral task
behavioral1
Sample
5ea0bd4c0016f2e01bcbf32db739bd80N.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5ea0bd4c0016f2e01bcbf32db739bd80N.dll
Resource
win10v2004-20240802-en
Target
5ea0bd4c0016f2e01bcbf32db739bd80N.exe
Size
3.5MB
MD5
5ea0bd4c0016f2e01bcbf32db739bd80
SHA1
a3a92fd6c182e9d5c90525242a390f6ad28eb53d
SHA256
fdd636c483944c750a726e0d1e7fd326797796101f70d642fcec055eb6fcf552
SHA512
fd7d881c73e2756eb1f89262f774cf5716a8ed2df455e37f8282ed3208ce9e75d133a7bbef125490152b3bb6693bbd8fbfe0fa2177231f6a28316d89c4881285
SSDEEP
49152:1m9HeH4FtP460/Igc9F3eKozoBkwAYwlNUdh12MZXHBSn+YmW4O3m7cjmMQTC+zv:8QKotcTlBk9YwzEhPbYzjmMtccXk8Kj
Checks for missing Authenticode signature.
resource |
---|
5ea0bd4c0016f2e01bcbf32db739bd80N.exe |
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
ReadFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
PGPhkDeleteHook
PGPhkSetHook
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ