8857166a30c14c3b17bdaa7fdcfdd96d7c878ce7e47b649a2d7afd958812406b

Sharing

Copy URL

Twitter E-mail

General

Target

8857166a30c14c3b17bdaa7fdcfdd96d7c878ce7e47b649a2d7afd958812406b
Size

46KB
MD5

5b531422117e440aaf86654a36401a4e
SHA1

5abbbafbee8ec1b7944c92f79e1cb2a155a132f2
SHA256

8857166a30c14c3b17bdaa7fdcfdd96d7c878ce7e47b649a2d7afd958812406b
SHA512

cd16b519d633b9a06d38d1cca07990860cb1bd23baacf84bb6bab2998084676df104c1426bc2bca0b21a735d2206a9f5b714675ef6df380875a3c7a72bdb8643
SSDEEP

768:c1Peef5ziI6/14/j+7Q5jFytxRxFwn83oinMMmB7hS2PNPjrrxsf:cZxfsbQj+7QRwxB4inqVrPNlsf

Score

N/A

Malware Config

Signatures

Files

8857166a30c14c3b17bdaa7fdcfdd96d7c878ce7e47b649a2d7afd958812406b
.exe windows x86

4cae89531d74a1c4590a25da4dda8dd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpcsvc

McastApiCleanup
DhcpAcquireParametersByBroadcast
DhcpUndoRequestParams
DhcpFallbackRefreshParams
McastRequestAddress
DhcpDeRegisterParamChange
DhcpPersistentRequestParams
DhcpDelPersistentRequestParams
DhcpRegisterOptions
DhcpReleaseParameters
DhcpDeRegisterOptions
McastEnumerateScopes
DhcpRequestOptions
DhcpEnumClasses
DhcpAcquireParameters
DhcpRemoveDNSRegistrations
DhcpLeaseIpAddress
DhcpReleaseIpAddressLeaseEx
McastRenewAddress
DhcpRequestParams
DhcpCApiCleanup
DhcpReleaseIpAddressLease
DhcpLeaseIpAddressEx
DhcpRegisterParamChange
McastGenUID

kernel32

VirtualAlloc
TermsrvAppInstallMode
LZClose
GetTickCount
GetACP
SetConsoleActiveScreenBuffer
GetModuleHandleA
FindActCtxSectionStringA
OpenJobObjectA
EnumResourceTypesW
CloseConsoleHandle
_lread
DosPathToSessionPathW
ExpungeConsoleCommandHistoryW
GetNamedPipeHandleStateA
GetSystemDirectoryW
RtlCaptureStackBackTrace
GetThreadLocale
lstrcpyA
GetConsoleHardwareState
WritePrivateProfileSectionW
SuspendThread
OpenWaitableTimerW
CancelTimerQueueTimer
SetThreadExecutionState
GetDiskFreeSpaceW
FindFirstChangeNotificationW
LoadLibraryA
GetModuleHandleW
lstrcmp
GetTempPathA
SleepEx
CompareStringW
OpenWaitableTimerA
EnumDateFormatsExW

msvcirt

?gbump@streambuf@@IAEXH@Z
??0ifstream@@QAE@XZ
?tie@ios@@QAEPAVostream@@PAV2@@Z
??6ostream@@QAEAAV0@O@Z
?read@istream@@QAEAAV1@PADH@Z
?getline@istream@@QAEAAV1@PAEHD@Z
??_Distream@@QAEXXZ
?oct@@YAAAVios@@AAV1@@Z
?sync_with_stdio@ios@@SAXXZ
??5istream@@QAEAAV0@AAF@Z
?get@istream@@QAEAAV1@AAD@Z
??6ostream@@QAEAAV0@E@Z
?x_lockc@ios@@0U_CRT_CRITICAL_SECTION@@A
??_Gstreambuf@@UAEPAXI@Z
?fd@ofstream@@QBEHXZ
??4ostream@@IAEAAV0@PAVstreambuf@@@Z
?seekpos@streambuf@@UAEJJH@Z
??0fstream@@QAE@XZ
??_7stdiobuf@@6B@
??4iostream@@IAEAAV0@AAV0@@Z
??5istream@@QAEAAV0@AAM@Z
?doallocate@streambuf@@MAEHXZ
?xsputn@streambuf@@UAEHPBDH@Z
?setmode@ifstream@@QAEHH@Z
?setg@streambuf@@IAEXPAD00@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 414B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cae89531d74a1c4590a25da4dda8dd1

Headers

DLL Characteristics

File Characteristics

Imports

dhcpcsvc

kernel32

msvcirt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 414B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 414B

.rsrc
Size: 4KB - Virtual size: 3KB