b10f1f8e56b61e897e7cf4d5306e176a11232be5599a2f2555dd2dc34ec81eff

General

Target

b10f1f8e56b61e897e7cf4d5306e176a11232be5599a2f2555dd2dc34ec81eff
Size

276KB
MD5

f8f65f50241584019acfb3f657d1d614
SHA1

8fb4e1411b2a7350b3853fd144c095841c3b50a0
SHA256

b10f1f8e56b61e897e7cf4d5306e176a11232be5599a2f2555dd2dc34ec81eff
SHA512

9eff540c586df9e8c8ef21633a6dd5cd70b9c3ac74fbe7c89f1e61c69fc4b40ef1187b49b75e9a84eb295d73ce74d2a2f09b53cdbeb4e1f585e1f62378772a35
SSDEEP

6144:R39c+L+NK8IASJutmMrw2f+ZzgSoDhyIKniDZxt1:R3DL18IjTOw2f++S1IKiXt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b10f1f8e56b61e897e7cf4d5306e176a11232be5599a2f2555dd2dc34ec81eff

Files

b10f1f8e56b61e897e7cf4d5306e176a11232be5599a2f2555dd2dc34ec81eff
.exe windows:4 windows x86 arch:x86

639cc2213e1ef9a7c516caeca8c3e44a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectW

kernel32

DeleteCriticalSection
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
lstrlenA
SetUnhandledExceptionFilter
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
lstrlenW
GetModuleHandleW
VirtualAlloc

ole32

CoCreateInstance
StringFromCLSID
CoTaskMemFree
CLSIDFromString

oleaut32

GetErrorInfo
SysStringByteLen
SysStringLen
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysFreeString
VarBstrCmp
SysAllocStringLen

user32

GetKeyboardLayout
SetWindowPos
ShowCaret
SetCapture
MessageBoxIndirectA
GetDlgItemTextW
GetClassInfoExW
LoadBitmapW
ActivateKeyboardLayout
CreateAcceleratorTableW
SendDlgItemMessageW
EnumClipboardFormats
CheckMenuItem
MonitorFromWindow
GetDlgItemTextA
GetCapture
CreatePopupMenu
DialogBoxIndirectParamW
InsertMenuItemA
GetMessageW
CharPrevA
SetDlgItemTextW
PostQuitMessage
DialogBoxParamA

dhcpcsvc

DhcpLeaseIpAddress
DhcpRenewIpAddressLeaseEx
DhcpAcquireParameters
DhcpStaticRefreshParams
DhcpOpenGlobalEvent

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 238KB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

639cc2213e1ef9a7c516caeca8c3e44a

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

oleaut32

user32

dhcpcsvc

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 238KB - Virtual size: 5.7MB

.rdata Size: 2KB - Virtual size: 445KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 238KB - Virtual size: 5.7MB

.rdata
Size: 2KB - Virtual size: 445KB

.rsrc
Size: 20KB - Virtual size: 19KB