PUP.HotkeyHook.B

Analysis Report

General information

Family Name: PUP.HotkeyHook.B
Signature status: No Signature

Known Samples

MD5: 2515897cf03bb558aaa41cfee5d205a9
SHA1: 26a6eb6cbc96c14e6e6e769df5ce86a3267117cc
File Size: 1.19 MB, 1186822 bytes
MD5: 8b5b5d3d73ebd678b1f1d769cf8ffda3
SHA1: 7c6f39fb8e30dc3578981630f5e58b468be0bc55
SHA256: FEB6A8FD138E46DE6BD8303A4E642E09AE7690730D2A518011E893BD9B7997FC
File Size: 353.45 KB, 353448 bytes
MD5: 05e9ad81c938165477d7c18ce46f885f
SHA1: 93fad04164d4f39158247127f7a0050611892fe5
SHA256: AA06BB5749E8D7F3215331F4DBE25706D49482216482A4DEF2E65F9A57D5A968
File Size: 1.02 MB, 1023808 bytes
MD5: bcafb51725e56a4900db2231a579c010
SHA1: 59e1ef6e63cf31697b89d8d5a37775c757cb3fd0
SHA256: 3251B8D5CEA49892ED32F558865A6AE8979AB88E5CCD7F5296BF6DF6D63A6009
File Size: 381.42 KB, 381420 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

File Traits

  • dll
  • x86

Block Information

Total Blocks: 1,000
Potentially Malicious Blocks: 148
Whitelisted Blocks: 852
Unknown Blocks: 0

Visual Map

0 x x 0 0 x x x x x 0 x x x x 0 x 0 0 0 0 0 0 0 x x x x x x 0 0 x 0 x x 0 x x x 0 0 x x x x x x x x x x x x x x 0 0 x x x x x x 0 0 x x 0 x x x x x x x x x x x 0 x 0 x x 0 x x 0 0 x x x x x x 0 x x x x 0 0 x 0 x x x x x x x x 0 0 x 0 x 0 x x x x x x x x x x x x x x x 0 x x x x x x x x x 0 x x x x x x x x x x 0 0 x x x x x x x x x x x x x x x x 0 x x x 0 x x 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 x 0 x x x x 0 x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • HotkeyHook.A

Windows API Usage

Category API
Other Suspicious
  • SetWindowsHookEx

Trending

Most Viewed

Loading...