ad7421b1b03276fda48b6839f7ec672b

Sharing

Copy URL Twitter E-mail

General

Target

ad7421b1b03276fda48b6839f7ec672b
Size

83KB
MD5

ad7421b1b03276fda48b6839f7ec672b
SHA1

32295490d735d3506e44ed9ab851a98dc164630b
SHA256

2cade385116e1a1d209d024d0dd1b9cd4358be1e8884e36d27a4a17c78213765
SHA512

144c4fdafbfd95d969341111cedbe173362fdeb3d0ced70f80ce66dd5a1f5629c72aee6f176bd6df12158b8a53b1ab6772c662db2c212e09853ab882d23f7f4f
SSDEEP

1536:70/sNk8eXfH+vT8ppvMX+JUMWj5XcKNDJZWBlQ1B23fN:7078eXKQcX+JQjKKNFzGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad7421b1b03276fda48b6839f7ec672b

Files

ad7421b1b03276fda48b6839f7ec672b
.exe windows:5 windows x86 arch:x86

b4f60e263d0a557c821eeb8622a89dbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpsapi

DhcpSetOptionValueV5
DhcpEnumMScopeElements
DhcpDeleteClass
DhcpEnumSubnetClients
DhcpCreateClientInfoV4
DhcpGetAllOptions
DhcpCreateSubnet
DhcpGetClientInfo
DhcpDeleteClientInfo
DhcpGetMibInfo
DhcpEnumSubnetElementsV5
DhcpSetMScopeInfo
DhcpSetSubnetInfo
DhcpRpcFreeMemory
DhcpEnumSubnetClientsV5
DhcpCreateOptionV5
DhcpAuditLogSetParams

user32

DdeUninitialize
InvalidateRect
GetClassInfoExW
GetClientRect
GetWindowRgnBox
PostMessageW
GetMouseMovePointsEx
GetAltTabInfoA
CascadeWindows
AdjustWindowRectEx
DdeAddData
DlgDirSelectComboBoxExA

msvcirt

??6ostream@@QAEAAV0@K@Z
?hex@@YAAAVios@@AAV1@@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
??0streambuf@@IAE@PADH@Z
??4fstream@@QAEAAV0@AAV0@@Z
?unbuffered@streambuf@@IAEXH@Z
??0stdiobuf@@QAE@ABV0@@Z
??_Distream_withassign@@QAEXXZ
?write@ostream@@QAEAAV1@PBDH@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
?fail@ios@@QBEHXZ
?open@ifstream@@QAEXPBDHH@Z

kernel32

GetNativeSystemInfo
ResetWriteWatch
GetTempPathA
BaseCleanupAppcompatCacheSupport
VirtualAlloc
GetBinaryTypeA
GetEnvironmentStrings
GetNumaAvailableMemoryNode
GetConsoleFontSize
SetConsoleHardwareState
LZOpenFileW
SetEvent
LoadLibraryA
GetConsoleCursorInfo
SetThreadAffinityMask
LocalAlloc

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4f60e263d0a557c821eeb8622a89dbc

Headers

DLL Characteristics

File Characteristics

Imports

dhcpsapi

user32

msvcirt

kernel32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 30KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 328B

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 30KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 328B