7fab750273c06202efe5b0cfccb716f1

Sharing

Copy URL

Twitter E-mail

General

Target

7fab750273c06202efe5b0cfccb716f1
Size

103KB
MD5

7fab750273c06202efe5b0cfccb716f1
SHA1

b2a755fe28df4c97fd4acc2da72c4c25869a4cf4
SHA256

7c210588db0da1c7fa64701431c1796903321e04c698bf0770f63a5e021fa267
SHA512

21d170cc99fc9b9e4b6431f9c6f00db529e82a48fe27f3aaa5bc884c8bea97622302b48c117ccf52257ffd952d3f4e3d1a5a9317858cc062ac174e3f61e3db3b
SSDEEP

3072:3RFEnBowuMBA+bESlL9RgROXQtzkvATL:3RF4/uMB/J9RwCQFkvATL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fab750273c06202efe5b0cfccb716f1

Files

7fab750273c06202efe5b0cfccb716f1
.exe windows:5 windows x86 arch:x86

6a7eff8659bc1505d8088509f54e221c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf
_wcsnicmp
_strlwr
_initterm
_wcslwr
_strupr
wcslen
memcpy
sscanf
mbstowcs
_purecall
malloc
_adjust_fdiv
fread
wcscmp
memset
_except_handler3
fwrite
wcsrchr
wcsncmp
fopen
fclose
free
strstr
strncpy
fseek
memmove
wcstombs

dhcpcsvc

DhcpRequestOptions

kernel32

InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetFileAttributesA
GetVersion
QueryPerformanceCounter
GetSystemTime
lstrlenW
CopyFileA
RemoveDirectoryW
VirtualAlloc
GetCurrentProcess
CreateFileA
FreeEnvironmentStringsW
GetProcAddress
Sleep
GetDiskFreeSpaceA
FreeLibrary
InitializeCriticalSection
GetLastError
GetEnvironmentStringsW
TerminateProcess
GetFileAttributesA
GlobalMemoryStatus
SetEvent
VirtualProtect
GetCurrentThreadId
LeaveCriticalSection
WaitForSingleObject
GetModuleHandleW
HeapFree
GetFileAttributesW
GetEnvironmentStrings
TlsGetValue
GetVersionExW
FreeEnvironmentStringsA
CreateDirectoryW
TlsSetValue
LoadLibraryA
LocalFree
GetSystemDirectoryA
IsBadReadPtr
MapViewOfFile
TlsAlloc
SetLastError
FindClose
GetWindowsDirectoryW
EnterCriticalSection
CloseHandle
GetProcessHeap
UnmapViewOfFile
GetWindowsDirectoryA
CreateEventA
DeleteFileW
DeviceIoControl
GetVersionExA
TlsFree
HeapAlloc
CreateFileMappingW
GetLocalTime
GetTickCount
lstrlenA
LoadLibraryW
FindFirstFileW
ExitProcess
FindNextFileW
WideCharToMultiByte
GetCurrentProcessId
DeleteCriticalSection
VirtualFree
SetFileAttributesW

advapi32

SetNamedSecurityInfoW
RegDeleteValueW
RegSetValueExA
RegCreateKeyExW
GetSecurityDescriptorDacl
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegOpenKeyExW
RegOpenKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegOpenKeyExA
RegCloseKey

activeds

DllGetClassObject

cmdial32

AutoDialFunc

Sections

.textbss
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a7eff8659bc1505d8088509f54e221c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

dhcpcsvc

kernel32

advapi32

activeds

cmdial32

Sections

.textbss Size: - Virtual size: 496KB

.text Size: 512B - Virtual size: 444B

.idata Size: 100KB - Virtual size: 99KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 28B

.data Size: 1024B - Virtual size: 1004B

.textbss
Size: - Virtual size: 496KB

.text
Size: 512B - Virtual size: 444B

.idata
Size: 100KB - Virtual size: 99KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 28B

.data
Size: 1024B - Virtual size: 1004B