ScreenShot
| Created | 2024.09.30 09:43 | Machine | s1_win7_x6401 |
| Filename | hid.dll | ||
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 9 detected (AIDetectMalware, GenericKD, Malicious, Fakecert, PossibleThreat) | ||
| md5 | 45bcb676df519af52389b5fcc83ed418 | ||
| sha256 | 84d23a2540eeb145c15bbcab39fbc43a7eb6b54d7d5a424a8bb33c0399ae2008 | ||
| ssdeep | 12288:uWJV8CJEMmtimEJ+jcsv2WvOgijVa0zxQ0gdnpyMFInGodf9k:uCVco+QlW2VjAwxQHptFInGs9 | ||
| imphash | 1dc516baebf52716a5c561034b8689f7 | ||
| impfuzzy | 48:bI4mBgZg4l9zYRWCNcpVeKtL1Bgap09laZl/HAE3ou5RZXn0+tzouftQ:bI4FgE2RWCNcpVeKtL1Bgap0/ | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| notice | File has been identified by 9 AntiVirus engines on VirusTotal as malicious |
| notice | Foreign language identified in PE resource |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x18008b030 QueryPerformanceCounter
0x18008b038 GetModuleHandleW
0x18008b040 VirtualQuery
0x18008b048 ExitProcess
0x18008b050 DisableThreadLibraryCalls
0x18008b058 GetCurrentThread
0x18008b060 CloseHandle
0x18008b068 SetEndOfFile
0x18008b070 WriteConsoleW
0x18008b078 HeapSize
0x18008b080 SetStdHandle
0x18008b088 GetProcessHeap
0x18008b090 FreeEnvironmentStringsW
0x18008b098 GetEnvironmentStringsW
0x18008b0a0 GetCommandLineW
0x18008b0a8 GetCommandLineA
0x18008b0b0 GetOEMCP
0x18008b0b8 GetProcAddress
0x18008b0c0 IsValidCodePage
0x18008b0c8 HeapReAlloc
0x18008b0d0 ReadConsoleW
0x18008b0d8 EnumSystemLocalesW
0x18008b0e0 GetUserDefaultLCID
0x18008b0e8 IsValidLocale
0x18008b0f0 GetLocaleInfoW
0x18008b0f8 LCMapStringW
0x18008b100 FlsFree
0x18008b108 FlsSetValue
0x18008b110 FlsGetValue
0x18008b118 QueryPerformanceFrequency
0x18008b120 GlobalUnlock
0x18008b128 FlsAlloc
0x18008b130 HeapAlloc
0x18008b138 HeapFree
0x18008b140 GetConsoleMode
0x18008b148 WideCharToMultiByte
0x18008b150 GlobalLock
0x18008b158 GlobalAlloc
0x18008b160 GlobalFree
0x18008b168 GetACP
0x18008b170 MultiByteToWideChar
0x18008b178 GetConsoleOutputCP
0x18008b180 WriteFile
0x18008b188 FlushFileBuffers
0x18008b190 GetFileType
0x18008b198 LocalFree
0x18008b1a0 FormatMessageA
0x18008b1a8 GetLocaleInfoEx
0x18008b1b0 CreateDirectoryW
0x18008b1b8 CreateFileW
0x18008b1c0 FindClose
0x18008b1c8 FindFirstFileW
0x18008b1d0 FindFirstFileExW
0x18008b1d8 FindNextFileW
0x18008b1e0 GetFileAttributesExW
0x18008b1e8 AreFileApisANSI
0x18008b1f0 GetLastError
0x18008b1f8 GetFileInformationByHandleEx
0x18008b200 ReleaseSRWLockExclusive
0x18008b208 AcquireSRWLockExclusive
0x18008b210 TryAcquireSRWLockExclusive
0x18008b218 Sleep
0x18008b220 InitOnceComplete
0x18008b228 InitOnceBeginInitialize
0x18008b230 GetCurrentThreadId
0x18008b238 EnterCriticalSection
0x18008b240 LeaveCriticalSection
0x18008b248 InitializeCriticalSectionEx
0x18008b250 DeleteCriticalSection
0x18008b258 EncodePointer
0x18008b260 DecodePointer
0x18008b268 LCMapStringEx
0x18008b270 GetSystemTimeAsFileTime
0x18008b278 GetStringTypeW
0x18008b280 GetCPInfo
0x18008b288 WakeAllConditionVariable
0x18008b290 SleepConditionVariableSRW
0x18008b298 RtlCaptureContext
0x18008b2a0 RtlLookupFunctionEntry
0x18008b2a8 RtlVirtualUnwind
0x18008b2b0 IsDebuggerPresent
0x18008b2b8 UnhandledExceptionFilter
0x18008b2c0 SetUnhandledExceptionFilter
0x18008b2c8 GetStartupInfoW
0x18008b2d0 IsProcessorFeaturePresent
0x18008b2d8 GetCurrentProcessId
0x18008b2e0 InitializeSListHead
0x18008b2e8 GetCurrentProcess
0x18008b2f0 TerminateProcess
0x18008b2f8 RtlUnwindEx
0x18008b300 RtlPcToFileHeader
0x18008b308 RaiseException
0x18008b310 InterlockedFlushSList
0x18008b318 SetLastError
0x18008b320 InitializeCriticalSectionAndSpinCount
0x18008b328 TlsAlloc
0x18008b330 TlsGetValue
0x18008b338 TlsSetValue
0x18008b340 TlsFree
0x18008b348 FreeLibrary
0x18008b350 LoadLibraryExW
0x18008b358 ReadFile
0x18008b360 CreateThread
0x18008b368 ExitThread
0x18008b370 FreeLibraryAndExitThread
0x18008b378 GetModuleHandleExW
0x18008b380 GetModuleFileNameW
0x18008b388 GetFileSizeEx
0x18008b390 SetFilePointerEx
0x18008b398 GetStdHandle
0x18008b3a0 RtlUnwind
USER32.dll
0x18008b3c0 CloseClipboard
0x18008b3c8 EmptyClipboard
0x18008b3d0 GetClipboardData
0x18008b3d8 SetClipboardData
0x18008b3e0 OpenClipboard
0x18008b3e8 CallWindowProcW
0x18008b3f0 SetWindowLongPtrW
0x18008b3f8 GetAsyncKeyState
0x18008b400 SetWindowLongW
0x18008b408 MessageBoxA
0x18008b410 ScreenToClient
0x18008b418 GetCapture
0x18008b420 ClientToScreen
0x18008b428 IsChild
0x18008b430 TrackMouseEvent
0x18008b438 GetForegroundWindow
0x18008b440 LoadCursorW
0x18008b448 SetCapture
0x18008b450 SetCursor
0x18008b458 GetClientRect
0x18008b460 ReleaseCapture
0x18008b468 SetCursorPos
0x18008b470 GetCursorPos
SHELL32.dll
0x18008b3b0 SHGetKnownFolderPath
ole32.dll
0x18008b480 CoTaskMemFree
IMM32.dll
0x18008b010 ImmSetCompositionWindow
0x18008b018 ImmReleaseContext
0x18008b020 ImmGetContext
D3DCOMPILER_47.dll
0x18008b000 D3DCompile
EAT(Export Address Table) is none
KERNEL32.dll
0x18008b030 QueryPerformanceCounter
0x18008b038 GetModuleHandleW
0x18008b040 VirtualQuery
0x18008b048 ExitProcess
0x18008b050 DisableThreadLibraryCalls
0x18008b058 GetCurrentThread
0x18008b060 CloseHandle
0x18008b068 SetEndOfFile
0x18008b070 WriteConsoleW
0x18008b078 HeapSize
0x18008b080 SetStdHandle
0x18008b088 GetProcessHeap
0x18008b090 FreeEnvironmentStringsW
0x18008b098 GetEnvironmentStringsW
0x18008b0a0 GetCommandLineW
0x18008b0a8 GetCommandLineA
0x18008b0b0 GetOEMCP
0x18008b0b8 GetProcAddress
0x18008b0c0 IsValidCodePage
0x18008b0c8 HeapReAlloc
0x18008b0d0 ReadConsoleW
0x18008b0d8 EnumSystemLocalesW
0x18008b0e0 GetUserDefaultLCID
0x18008b0e8 IsValidLocale
0x18008b0f0 GetLocaleInfoW
0x18008b0f8 LCMapStringW
0x18008b100 FlsFree
0x18008b108 FlsSetValue
0x18008b110 FlsGetValue
0x18008b118 QueryPerformanceFrequency
0x18008b120 GlobalUnlock
0x18008b128 FlsAlloc
0x18008b130 HeapAlloc
0x18008b138 HeapFree
0x18008b140 GetConsoleMode
0x18008b148 WideCharToMultiByte
0x18008b150 GlobalLock
0x18008b158 GlobalAlloc
0x18008b160 GlobalFree
0x18008b168 GetACP
0x18008b170 MultiByteToWideChar
0x18008b178 GetConsoleOutputCP
0x18008b180 WriteFile
0x18008b188 FlushFileBuffers
0x18008b190 GetFileType
0x18008b198 LocalFree
0x18008b1a0 FormatMessageA
0x18008b1a8 GetLocaleInfoEx
0x18008b1b0 CreateDirectoryW
0x18008b1b8 CreateFileW
0x18008b1c0 FindClose
0x18008b1c8 FindFirstFileW
0x18008b1d0 FindFirstFileExW
0x18008b1d8 FindNextFileW
0x18008b1e0 GetFileAttributesExW
0x18008b1e8 AreFileApisANSI
0x18008b1f0 GetLastError
0x18008b1f8 GetFileInformationByHandleEx
0x18008b200 ReleaseSRWLockExclusive
0x18008b208 AcquireSRWLockExclusive
0x18008b210 TryAcquireSRWLockExclusive
0x18008b218 Sleep
0x18008b220 InitOnceComplete
0x18008b228 InitOnceBeginInitialize
0x18008b230 GetCurrentThreadId
0x18008b238 EnterCriticalSection
0x18008b240 LeaveCriticalSection
0x18008b248 InitializeCriticalSectionEx
0x18008b250 DeleteCriticalSection
0x18008b258 EncodePointer
0x18008b260 DecodePointer
0x18008b268 LCMapStringEx
0x18008b270 GetSystemTimeAsFileTime
0x18008b278 GetStringTypeW
0x18008b280 GetCPInfo
0x18008b288 WakeAllConditionVariable
0x18008b290 SleepConditionVariableSRW
0x18008b298 RtlCaptureContext
0x18008b2a0 RtlLookupFunctionEntry
0x18008b2a8 RtlVirtualUnwind
0x18008b2b0 IsDebuggerPresent
0x18008b2b8 UnhandledExceptionFilter
0x18008b2c0 SetUnhandledExceptionFilter
0x18008b2c8 GetStartupInfoW
0x18008b2d0 IsProcessorFeaturePresent
0x18008b2d8 GetCurrentProcessId
0x18008b2e0 InitializeSListHead
0x18008b2e8 GetCurrentProcess
0x18008b2f0 TerminateProcess
0x18008b2f8 RtlUnwindEx
0x18008b300 RtlPcToFileHeader
0x18008b308 RaiseException
0x18008b310 InterlockedFlushSList
0x18008b318 SetLastError
0x18008b320 InitializeCriticalSectionAndSpinCount
0x18008b328 TlsAlloc
0x18008b330 TlsGetValue
0x18008b338 TlsSetValue
0x18008b340 TlsFree
0x18008b348 FreeLibrary
0x18008b350 LoadLibraryExW
0x18008b358 ReadFile
0x18008b360 CreateThread
0x18008b368 ExitThread
0x18008b370 FreeLibraryAndExitThread
0x18008b378 GetModuleHandleExW
0x18008b380 GetModuleFileNameW
0x18008b388 GetFileSizeEx
0x18008b390 SetFilePointerEx
0x18008b398 GetStdHandle
0x18008b3a0 RtlUnwind
USER32.dll
0x18008b3c0 CloseClipboard
0x18008b3c8 EmptyClipboard
0x18008b3d0 GetClipboardData
0x18008b3d8 SetClipboardData
0x18008b3e0 OpenClipboard
0x18008b3e8 CallWindowProcW
0x18008b3f0 SetWindowLongPtrW
0x18008b3f8 GetAsyncKeyState
0x18008b400 SetWindowLongW
0x18008b408 MessageBoxA
0x18008b410 ScreenToClient
0x18008b418 GetCapture
0x18008b420 ClientToScreen
0x18008b428 IsChild
0x18008b430 TrackMouseEvent
0x18008b438 GetForegroundWindow
0x18008b440 LoadCursorW
0x18008b448 SetCapture
0x18008b450 SetCursor
0x18008b458 GetClientRect
0x18008b460 ReleaseCapture
0x18008b468 SetCursorPos
0x18008b470 GetCursorPos
SHELL32.dll
0x18008b3b0 SHGetKnownFolderPath
ole32.dll
0x18008b480 CoTaskMemFree
IMM32.dll
0x18008b010 ImmSetCompositionWindow
0x18008b018 ImmReleaseContext
0x18008b020 ImmGetContext
D3DCOMPILER_47.dll
0x18008b000 D3DCompile
EAT(Export Address Table) is none