c6dd240b14dfde1110bba35fc725c959d2c83548f86dfba4fdf84ee91c5020b8

Sharing

Copy URL Twitter E-mail

General

Target

c6dd240b14dfde1110bba35fc725c959d2c83548f86dfba4fdf84ee91c5020b8
Size

642KB
MD5

7b1c477590cb45d62665eee9ade1d135
SHA1

7ebac237c4e45c178f6ae787c0ca23eed95249e8
SHA256

c6dd240b14dfde1110bba35fc725c959d2c83548f86dfba4fdf84ee91c5020b8
SHA512

e38d6e79c059cc1fe085abb41eaba23f5a86f5aabc4a6659707fedb86a76b759fc148f815a9da5209a54af60efd5bddff3aa033ebbfae561972c309c777c5fde
SSDEEP

12288:dq/zrqknDx7QvGND2d+7r52ZOFHSVl8z/:dC+kntQldm4O1z/

Score

N/A

Malware Config

Signatures

Files

c6dd240b14dfde1110bba35fc725c959d2c83548f86dfba4fdf84ee91c5020b8
.exe windows x86

f1fdd4d7f7c67ab7957a48aefa030cc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

catsrvut

??1CComPlusInterface@@UAE@XZ

dhcpsapi

DhcpAddMScopeElement
DhcpAddServer
DhcpAddSubnetElement
DhcpAuditLogGetParams
DhcpAuditLogSetParams
DhcpCreateClass
DhcpCreateClientInfo
DhcpCreateOption
DhcpCreateSubnet
DhcpDeleteClass
DhcpDeleteClientInfo
DhcpDeleteMClientInfo
DhcpDeleteMScope
DhcpDeleteServer
DhcpDeleteSubnet
DhcpDsCleanup
DhcpDsClearHostServerEntries
DhcpDsInit
DhcpEnumClasses
DhcpEnumMScopeClients
DhcpEnumMScopeElements
DhcpEnumMScopes
DhcpEnumOptionValues
DhcpEnumSubnets
DhcpEnumOptions
DhcpEnumServers
DhcpEnumSubnetClients
DhcpEnumSubnetElements
DhcpGetAllOptions
DhcpGetClassInfo
DhcpGetClientInfo

kernel32

ReadFileEx
GetLastError
GetWindowsDirectoryA
UnregisterWait
FindAtomW
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionStringA
FindActCtxSectionStringW
GlobalFindAtomW
CreateFileA
ReleaseMutex
_lread

esent

JetAddColumn
JetAttachDatabase
JetBackup
JetBackupInstance
JetBeginSession
JetBeginTransaction
JetCloseDatabase
JetCloseFile

mfcsubs

??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ
??0CString@@QAE@XZ

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 162KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 582KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neolit
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

f1fdd4d7f7c67ab7957a48aefa030cc1

Headers

File Characteristics

Imports

catsrvut

dhcpsapi

kernel32

esent

mfcsubs

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 14KB - Virtual size: 162KB

.rsrc Size: 582KB - Virtual size: 584KB

.neolit Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 14KB - Virtual size: 162KB

.rsrc
Size: 582KB - Virtual size: 584KB

.neolit
Size: 5KB - Virtual size: 8KB