cd3b3a3bcd25ed86344b8dc3c8534d6d

Sharing

Copy URL Twitter E-mail

General

Target

cd3b3a3bcd25ed86344b8dc3c8534d6d
Size

82KB
MD5

cd3b3a3bcd25ed86344b8dc3c8534d6d
SHA1

248eb15fd32d3c09ab5cafb47670b618348228fd
SHA256

1bb395ee131cb270d0f4dc977b7183be3385b48d314b652a8588e3344592c392
SHA512

5feb33ce486aa5e02a63613884bef53ff1168b1b05bb3f71ac1621f14137b6e2334b1e7fb170edc9a41ee52494a2b6fbad55f5b9f22e9879d25acfb870acf578
SSDEEP

1536:WFcUoZk67uSyR6ktuWoq8hjoLifQJHK+bHzZU/fNBjPNANn3:WFBo/7zypuvJj4hVNU/VVFAd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd3b3a3bcd25ed86344b8dc3c8534d6d

Files

cd3b3a3bcd25ed86344b8dc3c8534d6d
.exe windows:5 windows x86 arch:x86

df0995ae548473996bb6ecce3fd5494c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
EndDialog
PaintMenuBar
TileWindows
GetWindowRgnBox
DestroyMenu
GetDCEx
ShowWindowAsync
SubtractRect
GetClipboardOwner
GetReasonTitleFromReasonCode
CharToOemA
ValidateRgn
LoadIconA
TranslateMessage
GetMenuState
LoadCursorA
DrawFrame

setupapi

SetupGetSourceFileSizeW
pSetupOutOfMemory
SetupDiSetClassInstallParamsW
CM_Get_Class_NameW
SetupRemoveFromDiskSpaceListW
DoesUserHavePrivilege
SetupFindFirstLineA
SetupDiCreateDeviceInfoListExW
SetupDiGetHwProfileListExA
SetupDiGetClassDevsExA
SetupDiSetClassRegistryPropertyA
pSetupVerifyQueuedCatalogs
SetupDiCreateDeviceInfoA
SetupCopyOEMInfW
CM_Modify_Res_Des
SetupAddToDiskSpaceListA
CM_Enumerate_EnumeratorsW

kernel32

GetFileSize
GlobalUnWire
GetNamedPipeHandleStateA
VirtualAlloc
BaseFlushAppcompatCache
GetSystemDefaultLCID
SetUserGeoID
SetSystemTime
GetVersionExW
GetNamedPipeHandleStateW
CloseProfileUserMapping
RegisterConsoleOS2
GetCommandLineW
GetProcessPriorityBoost
ReleaseMutex
GetSystemTimeAsFileTime
SetThreadUILanguage
FindFirstFileExA
WriteProfileStringW
GetFileAttributesA
GetCPInfoExW
FindFirstVolumeMountPointA
LoadLibraryA
IsWow64Process
FindVolumeMountPointClose
GetMailslotInfo
GetNativeSystemInfo
SetProcessShutdownParameters
GetProfileIntW

dhcpcsvc

DhcpStaticRefreshParams
DhcpEnumClasses
DhcpRenewIpAddressLeaseEx
DhcpOpenGlobalEvent
DhcpAcquireParameters
DhcpFallbackRefreshParams
DhcpReleaseParameters
DhcpCApiInitialize
DhcpDeRegisterOptions
DhcpNotifyConfigChange
DhcpPersistentRequestParams
DhcpNotifyConfigChangeEx
DhcpDelPersistentRequestParams
DhcpLeaseIpAddress
DhcpRegisterParamChange
DhcpReleaseIpAddressLeaseEx

query

??0CTransaction@@QAE@XZ
??0CDbContentRestriction@@QAE@PBGABVCDbColumnNode@@KK@Z
??1CWordRestriction@@QAE@XZ
?_FindOrAddValueNode@CDbPropertyRestriction@@AAEPAVCDbScalarValue@@XZ
??0CCiAdminParams@@QAE@PAVCLangList@@@Z
?ParseExpression@CParseCommandTree@@QAEPAVCRestriction@@PAVCDbCmdTreeNode@@@Z
?_FindOrAddAnchor@CDbSortNode@@AAEPAVCDbSortListAnchor@@XZ
?Empty@CRcovStrmWriteTrans@@QAEXXZ
?Empty@CSdidLookupTable@@QAEXXZ
??1COccRestriction@@QAE@XZ
?SkipFloat@CMemDeSerStream@@UAEXXZ
?GetCGIVariable@CWebServer@@QAEHPBDAAV?$XArray@G@@AAK@Z
?QueryPidLookupTable@CiStorage@@QAEPAVPRcovStorageObj@@K@Z

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df0995ae548473996bb6ecce3fd5494c

Headers

DLL Characteristics

File Characteristics

Imports

user32

setupapi

kernel32

dhcpcsvc

query

Sections

.text Size: 34KB - Virtual size: 34KB

.data Size: 28KB - Virtual size: 33KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 260B

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 28KB - Virtual size: 33KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 260B