99e9f6127fa1ee3d4d929b4f780be46096c23398daf0e010180d8c24f8aa5bd9

Sharing

Copy URL Twitter E-mail

General

Target

99e9f6127fa1ee3d4d929b4f780be46096c23398daf0e010180d8c24f8aa5bd9
Size

810KB
MD5

5fd569d4d1010bd1cf7cbc04401847b0
SHA1

a67fef73e3e8fe4baa1cacca5ce4114805e8a368
SHA256

99e9f6127fa1ee3d4d929b4f780be46096c23398daf0e010180d8c24f8aa5bd9
SHA512

f781d500fbfea7897b43499416b14230a6d498baf2472fe78f8ffcaf2c1c5c77ffd75d74ec7f6606b14892b50f30f0f68f2437d07502e9ce80985a7d7556b3d8
SSDEEP

24576:CF5+OoR481lHqyhcYsd7UJslm4TCBNah332XsDY1P:iI40lfhXwmkw8AXyi

Score

N/A

Malware Config

Signatures

Files

99e9f6127fa1ee3d4d929b4f780be46096c23398daf0e010180d8c24f8aa5bd9
.exe windows x86

f9ec4758a852a2d2f4917aceb5648932

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpcsvc

DhcpCApiCleanup
DhcpPersistentRequestParams
DhcpRegisterParamChange
DhcpRequestOptions
DhcpNotifyConfigChangeEx
DhcpLeaseIpAddress
McastRenewAddress
DhcpRegisterOptions
DhcpHandlePnPEvent
McastEnumerateScopes
DhcpReleaseIpAddressLeaseEx
DhcpRenewIpAddressLeaseEx
DhcpDeRegisterOptions
DhcpReleaseIpAddressLease
McastRequestAddress
DhcpReleaseParameters
McastApiCleanup
DhcpUndoRequestParams
McastGenUID
DhcpCApiInitialize
McastApiStartup
DhcpFallbackRefreshParams
DhcpOpenGlobalEvent
DhcpAcquireParametersByBroadcast
DhcpRequestParams
DhcpEnumClasses

kernel32

lstrcmpi
PeekConsoleInputW
VirtualProtectEx
CreateMemoryResourceNotification
LocalFlags
LZCreateFileW
SetTimeZoneInformation
GetHandleInformation
SetTapeParameters
GetLocaleInfoW
FormatMessageW
SearchPathA
OpenJobObjectW
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
LoadLibraryA
ReadProcessMemory
GetProcessTimes
VirtualAlloc
SetFileAttributesA
DeleteCriticalSection
GetProcessHeap
GetTimeZoneInformation
GetMailslotInfo
SetConsoleOutputCP
TlsFree
DeactivateActCtx
GetLocaleInfoA
CreateJobObjectW
CreateMutexA
EnumDateFormatsExA
GetEnvironmentStringsA
FreeLibrary
VDMOperationStarted
GetLogicalDriveStringsA

msvcirt

?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
??0istream_withassign@@QAE@ABV0@@Z
??4istream_withassign@@QAEAAVistream@@ABV1@@Z
??1stdiostream@@UAE@XZ
??_Eistrstream@@UAEPAXI@Z
?put@ostream@@QAEAAV1@C@Z
?pcount@strstream@@QBEHXZ
?doallocate@strstreambuf@@MAEHXZ
?opfx@ostream@@QAEHXZ
?ipfx@istream@@QAEHH@Z
?tie@ios@@QBEPAVostream@@XZ
?clrlock@streambuf@@QAEXXZ
?precision@ios@@QAEHH@Z
??0stdiostream@@QAE@PAU_iobuf@@@Z
??0ifstream@@QAE@H@Z
??0strstream@@QAE@XZ
??0ifstream@@QAE@PBDHH@Z
??0ostream@@QAE@PAVstreambuf@@@Z
?setbuf@streambuf@@UAEPAV1@PADH@Z
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@PBD@Z
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??0iostream@@IAE@ABV0@@Z
?delbuf@ios@@QBEHXZ
??1ostrstream@@UAE@XZ
?setmode@ifstream@@QAEHH@Z

clusapi

ClusterNetworkOpenEnum
ClusterResourceOpenEnum
ClusterResourceControl
ClusterGroupEnum
ClusterNodeOpenEnum
ClusterRegQueryValue
GetClusterResourceTypeKey
OfflineClusterResource
GetClusterFromNetInterface
OpenClusterNetwork
SetClusterQuorumResource
ClusterRegQueryInfoKey
ClusterNetworkEnum
RestoreClusterDatabase
ClusterGroupControl
ClusterGroupCloseEnum
ClusterResourceCloseEnum
CreateClusterResource
ClusterEnum
OpenClusterResource
RegisterClusterNotify
ClusterResourceTypeGetEnumCount
FailClusterResource
BackupClusterDatabase
ClusterRegDeleteValue
ClusterGroupOpenEnum
GetClusterNetInterfaceKey
ClusterResourceGetEnumCount
GetClusterNetworkId
ResumeClusterNode
GetClusterNodeKey

mshtmled

DllEnumClassObjects

Sections

.text
Size: 385KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9ec4758a852a2d2f4917aceb5648932

Headers

DLL Characteristics

File Characteristics

Imports

dhcpcsvc

kernel32

msvcirt

clusapi

mshtmled

Sections

.text Size: 385KB - Virtual size: 385KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 154KB - Virtual size: 1.6MB

.rsrc Size: 148KB - Virtual size: 147KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 385KB - Virtual size: 385KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 154KB - Virtual size: 1.6MB

.rsrc
Size: 148KB - Virtual size: 147KB

.reloc
Size: 1KB - Virtual size: 1KB