dhcpcsvc6[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

dhcpcsvc6.dll
Size

60KB
MD5

93d0261a9ae9ecc94ca493ec377597a2
SHA1

509cab32b33f6efdeb70473fcc8832cc1d62bfb9
SHA256

97e9a785a03853a9cc0d49424a0fb30520fcdd45673f416fbbb87cc81f19d2db
SHA512

9f5ac896cdb3e9104c1add65dfec2128ab24aa079c8d0b91fe044fd9a5a8b7e0cf406edb18d4fa631986ddc90661cded56d49cd29c74aa33e1297f04d2ca7ddc
SSDEEP

768:/RhKljMrtbgrDsR5BPAlwgYbEn1lmph02hn7F00rYQ4:inQAl7WphFhn7aWp4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dhcpcsvc6.dll

Files

dhcpcsvc6.dll
.dll windows:10 windows x86 arch:x86

e94762bbeab21dc15d0adc6bdbb8f97f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dhcpcsvc6.pdb

Imports

api-ms-win-core-crt-l2-1-0

_initterm_e
_initterm
time

ntdll

RtlIsStateSeparationEnabled
EtwTraceMessage
RtlGetDeviceFamilyInfoEnum
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
RtlGUIDFromString
RtlInitUnicodeString
RtlNtStatusToDosError
RtlFreeUnicodeString
EtwUnregisterTraceGuids
RtlStringFromGUID

rpcrt4

RpcBindingFromStringBindingW
RpcBindingSetAuthInfoW
NdrClientCall4
RpcStringBindingComposeW
RpcBindingSetOption
RpcStringFreeW
RpcBindingFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW

api-ms-win-core-heap-obsolete-l1-1-0

LocalFree
LocalAlloc

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
DeleteCriticalSection

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-downlevel-kernel32-l1-1-0

GetCommandLineW

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-crt-l1-1-0

memcpy
_except_handler4_common
wcsrchr
wcschr
memset

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

Dhcpv6AcquireParameters
Dhcpv6CApiCleanup
Dhcpv6CApiInitialize
Dhcpv6CancelOperation
Dhcpv6EnableDhcp
Dhcpv6EnableTracing
Dhcpv6FreeLeaseInfo
Dhcpv6FreeLeaseInfoArray
Dhcpv6GetTraceArray
Dhcpv6GetUserClasses
Dhcpv6IsEnabled
Dhcpv6QueryLeaseInfo
Dhcpv6QueryLeaseInfoArray
Dhcpv6ReleaseParameters
Dhcpv6ReleasePrefix
Dhcpv6ReleasePrefixEx
Dhcpv6RenewPrefix
Dhcpv6RenewPrefixEx
Dhcpv6RequestParams
Dhcpv6RequestPrefix
Dhcpv6RequestPrefixEx
Dhcpv6SetUserClass

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94762bbeab21dc15d0adc6bdbb8f97f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-crt-l2-1-0

ntdll

rpcrt4

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-heap-obsolete-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-downlevel-kernel32-l1-1-0

api-ms-win-core-apiquery-l1-1-0

api-ms-win-core-crt-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 40B

.rsrc Size: 29KB - Virtual size: 28KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 40B

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 1KB - Virtual size: 1KB