Sample file is different than original file name gathered from version info

Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST

Potential key logger detected (key state polling based)
Code function: 0_2_00450BF3 DestroyCaret, RevokeDragDrop, GetSysColor, GetSysColor, SetFocus, GetUpdateRect, GetDC, SelectObject, UpdateWindow, SelectObject, ReleaseDC, CreateSolidBrush, DeleteObject, DefWindowProcA, DefWindowProcW, GetStockObject, GetKeyState, GetWindowLongA, GetSystemMetrics, GetSystemMetrics, IsBadWritePtr, GetKeyboardLayout, ImmGetContext, ImmGetCompositionStringW, ImmGetCompositionStringW, ImmGetCompositionStringW, ImmReleaseContext, DefWindowProcA, DefWindowProcW, GetKeyboardLayout, ImmGetContext, ImmSetCompositionFontA, ImmSetCompositionFontW, ImmReleaseContext, SystemParametersInfoA, SystemParametersInfoA, KillTimer, GetCursorPos, ScreenToClient, GetCursorPos, ScreenToClient, SetTimer, DoDragDrop, GetCursorPos, ScreenToClient, KillTimer, KillTimer, KillTimer, KillTimer, GetMessageTime, GetKeyState, GetCursorPos, ScreenToClient, GetDoubleClickTime, GetFocus, SetFocus, SetTimer, SetTimer, SetTimer, SetTimer, GetKeyboardLayout, GetKeyboardLayout, ImmGetContext, GetKeyboardLayout, ImmEscapeW, ImmReleaseContext, WideCharToMultiByte, GetKeyboardLayout, InvalidateRect, GetKeyState, GetKeyState, GetKeyState, GetKeyState, GetKeyState, DefWindowProcA, DefWindowProcW
Code function: 0_2_00429079 SendMessageA, GetDlgItem, GetDlgItem, GetDlgItem, GetDlgItem, GetDlgItem, GetDlgItem, GetDlgItem, MoveWindow, GetStockObject, PostMessageA, GetCurrentThreadId, SetWindowsHookExA, ShowWindow, MoveWindow, GetKeyState, GetKeyState, GetKeyState, GetKeyState, PostMessageA, GetKeyState, GetKeyState, InvalidateRect, UpdateWindow, InvalidateRect, GetFocus, GetFocus, SetFocus, EnableWindow, EnableWindow, GetFocus, SetFocus, EnableWindow, SendMessageA, PostMessageA, InvalidateRect, SendMessageA, PostMessageA, InvalidateRect, SendMessageA, PostMessageA, EndDialog, UnhookWindowsHookEx
Code function: 0_2_00446878 GetKeyState, GetKeyState, GetKeyState, GetCursorPos, ScreenToClient, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor, SetCursor
Code function: 0_2_004269BC GetKeyState, GetKeyState, GetKeyState, GetKeyState, SendMessageA
Code function: 0_2_00427A50 SendMessageA, SendMessageA, SendMessageA, SendMessageA, GetKeyState, GetKeyState, GetKeyState

Found potential string decryption / allocating functions
Code function: String function: 0041791A appears 106 times
Code function: String function: 00415554 appears 39 times
Code function: String function: 00401A45 appears 72 times

exe
Code function: 0_2_004118DF OpenClipboard, GlobalAlloc, GlobalAlloc, GlobalLock, GlobalUnlock, WideCharToMultiByte, WideCharToMultiByte, GlobalAlloc, GlobalLock, WideCharToMultiByte, GlobalUnlock, EmptyClipboard, SetClipboardData, SetClipboardData, SetClipboardData, CloseClipboard

Contains functionality to read the clipboard data
Code function: 0_2_0041A8AD OpenClipboard, GetClipboardData, GetClipboardData, GlobalLock, GetClipboardData, GlobalLock, MultiByteToWideChar, MultiByteToWideChar, MultiByteToWideChar, MultiByteToWideChar, GlobalUnlock, CloseClipboard

Contains functionality to retrieve information about pressed keystrokes
Code function: 0_2_0040BB28 Sleep, Sleep, GetKeyboardState, Sleep, GetKeyboardState

Contains functionality for read data from the clipboard