The Calls used by Blackhole Payload With the Certification Operation Detected
------------------------------------------
USER32.dll.GetClassInfoExA Hint[247]
USER32.dll.EnumWindows Hint[222]
USER32.dll.CallNextHookEx Hint[26]
USER32.dll.GetWindowLongA Hint[366]
USER32.dll.DrawTextA Hint[188]
USER32.dll.DefWindowProcA Hint[142]
USER32.dll.ReleaseDC Hint[554]
USER32.dll.GetWindowRect Hint[372]
USER32.dll.DialogBoxIndirectParamA Hint[155]
USER32.dll.CreatePopupMenu Hint[94]
USER32.dll.GetSysColorBrush Hint[347]
USER32.dll.DispatchMessageA Hint[161]
USER32.dll.GetForegroundWindow Hint[279]
USER32.dll.CreateDialogIndirectParamA Hint[82]
USER32.dll.GetDesktopWindow Hint[270]
USER32.dll.GetClientRect Hint[255]
USER32.dll.MapWindowPoints Hint[473]
USER32.dll.GetSystemMetrics Hint[349]
USER32.dll.DestroyMenu Hint[151]
USER32.dll.BeginPaint Hint[13]
USER32.dll.EmptyClipboard Hint[193]
USER32.dll.InvalidateRect Hint[403]
USER32.dll.PostMessageA Hint[513]
USER32.dll.ValidateRect Hint[707]
USER32.dll.SetDlgItemInt Hint[594]
USER32.dll.InsertMenuItemA Hint[398]
USER32.dll.SetCursor Hint[589]
USER32.dll.GetDlgItemInt Hint[274]
CRYPT32.dll.CertGetCertificateChain Hint[64]
CRYPT32.dll.CertVerifyCertificateChainPolicy Hint[107]
CRYPT32.dll.CertCreateCertificateContext Hint[25]
CRYPT32.dll.CryptDecodeObject Hint[124]
CRYPT32.dll.CertFreeCertificateContext Hint[60]
CRYPT32.dll.CertFindCertificateInStore Hint[50]
CRYPT32.dll.CertAddEncodedCertificateToStore Hint[8]
CRYPT32.dll.CertDeleteCertificateFromStore Hint[30]
CRYPT32.dll.CertEnumCertificatesInStore Hint[41]
CRYPT32.dll.CryptEncodeObject Hint[128]
CRYPT32.dll.CryptHashCertificate Hint[151]
CRYPT32.dll.CertFreeCertificateChain Hint[58]
KERNEL32.dll.LCMapStringW Hint[571]
KERNEL32.dll.LCMapStringA Hint[570]
KERNEL32.dll.HeapSize Hint[530]
KERNEL32.dll.ReadFile Hint[681]
KERNEL32.dll.SetEndOfFile Hint[771]
KERNEL32.dll.GetStringTypeW Hint[437]
KERNEL32.dll.GetStringTypeA Hint[434]
KERNEL32.dll.GetTimeFormatA Hint[470]
KERNEL32.dll.GetCurrentProcessId Hint[315]
KERNEL32.dll.GetTickCount Hint[469]
KERNEL32.dll.QueryPerformanceCounter Hint[663]
KERNEL32.dll.GetCPInfo Hint[252]
KERNEL32.dll.GetOEMCP Hint[395]
KERNEL32.dll.GetACP Hint[245]
KERNEL32.dll.LoadLibraryA Hint[584]
KERNEL32.dll.CreateFileA Hint[77]
KERNEL32.dll.GetDateFormatA Hint[319]
KERNEL32.dll.GetUserDefaultLCID Hint[473]
KERNEL32.dll.GetLocaleInfoA Hint[364]
KERNEL32.dll.EnumSystemLocalesA Hint[165]
KERNEL32.dll.IsValidLocale Hint[567]
KERNEL32.dll.IsValidCodePage Hint[565]
KERNEL32.dll.GetTimeZoneInformation Hint[472]
KERNEL32.dll.GetLocaleInfoW Hint[365]
KERNEL32.dll.CompareStringA Hint[52]
KERNEL32.dll.CompareStringW Hint[53]
KERNEL32.dll.SetEnvironmentVariableA Hint[774]
KERNEL32.dll.GetSystemTimeAsFileTime Hint[448]
KERNEL32.dll.ExitProcess Hint[175]
KERNEL32.dll.GetSystemInfo Hint[443]
KERNEL32.dll.SetTapePosition Hint[815]
KERNEL32.dll.VirtualProtect Hint[889]
KERNEL32.dll.GetModuleHandleA Hint[375]
KERNEL32.dll.GetCommandLineA Hint[264]
KERNEL32.dll.GetVersionExA Hint[479]
KERNEL32.dll.GetLastError Hint[361]
KERNEL32.dll.WriteFile Hint[916]
KERNEL32.dll.FlushFileBuffers Hint[229]
KERNEL32.dll.DeleteCriticalSection Hint[122]
KERNEL32.dll.LeaveCriticalSection Hint[583]
KERNEL32.dll.FatalAppExitA Hint[183]
KERNEL32.dll.EnterCriticalSection Hint[143]
KERNEL32.dll.SetHandleCount Hint[791]
KERNEL32.dll.GetStdHandle Hint[433]
KERNEL32.dll.GetFileType Hint[350]
KERNEL32.dll.GetStartupInfoA Hint[431]
KERNEL32.dll.HeapFree Hint[524]
KERNEL32.dll.CloseHandle Hint[46]
KERNEL32.dll.GetProcAddress Hint[408]
KERNEL32.dll.TerminateProcess Hint[847]
KERNEL32.dll.GetCurrentProcess Hint[314]
KERNEL32.dll.GetModuleFileNameA Hint[373]
KERNEL32.dll.UnhandledExceptionFilter Hint[864]
KERNEL32.dll.FreeEnvironmentStringsA Hint[237]
KERNEL32.dll.GetEnvironmentStrings Hint[333]
KERNEL32.dll.FreeEnvironmentStringsW Hint[238]
KERNEL32.dll.WideCharToMultiByte Hint[903]
KERNEL32.dll.GetEnvironmentStringsW Hint[335]
KERNEL32.dll.TlsAlloc Hint[852]
KERNEL32.dll.SetLastError Hint[795]
KERNEL32.dll.GetCurrentThreadId Hint[318]
KERNEL32.dll.GetCurrentThread Hint[317]
KERNEL32.dll.TlsFree Hint[853]
KERNEL32.dll.TlsSetValue Hint[855]
KERNEL32.dll.TlsGetValue Hint[854]
KERNEL32.dll.HeapDestroy Hint[522]
KERNEL32.dll.HeapCreate Hint[520]
KERNEL32.dll.VirtualFree Hint[886]
KERNEL32.dll.SetFilePointer Hint[782]
KERNEL32.dll.SetStdHandle Hint[810]
KERNEL32.dll.InitializeCriticalSection Hint[537]
KERNEL32.dll.HeapAlloc Hint[518]
KERNEL32.dll.RtlUnwind Hint[714]
KERNEL32.dll.InterlockedExchange Hint[543]
KERNEL32.dll.VirtualQuery Hint[891]
KERNEL32.dll.VirtualAlloc Hint[883]
KERNEL32.dll.MultiByteToWideChar Hint[619]
KERNEL32.dll.HeapReAlloc Hint[528]
KERNEL32.dll.IsBadWritePtr Hint[556]