Malware Dynamic Analysis with GMER
GMER is a rootkit detection tool let you view the hooking executable and the hooked function inside the system.
Dynamic Analysis Tool Lists
GMER can give us details about the name of the executable that performs the hooking and the module it hooks.
In our sample, GMER detects a Win32.AgentTesla.exe[2820] hooks user32.dll’s GetKeyboardState API.
Agent Tesla is a known variant of information-stealing malware.