dhcpcmonitor[.]dll

General

Target

dhcpcmonitor.dll
Size

13KB
MD5

4c6f10fa56855f570b948447d795ecb3
SHA1

fb663e3c8efff8a6483c512b39d3a2133f9e5501
SHA256

4abaa7a8ff594e8a15a5fe21fc46cef3cbf29f91c4ab492bdf6dc4133888c838
SHA512

6f35d90c1d86649166fe2bbb44f1c02eb73b188de5d2ccc903538ba10d3849f3c0aee6f97018ba5f4a54b702cf8534e647ebd6f972acc6fb7f4f05ec234ca68b
SSDEEP

192:o40KkHKDghY2+T/0/8rXKSn5SJJz7pWIvWxBW3R:otHKDghY2+T/0/8TN4JaIvWxBW3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dhcpcmonitor.dll

Files

dhcpcmonitor.dll
.dll windows:10 windows x86 arch:x86

49dacc9c9a86e53ab06a3775113b415a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dhcpcmonitor.pdb

Imports

msvcrt

_XcptFilter
_amsg_exit
_wfopen
free
malloc
_initterm
_except_handler4_common
fprintf
fclose
fflush
memset

kernel32

Sleep
ResolveDelayLoadedAPI
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetLastError
LoadLibraryExW
HeapAlloc
GetWindowsDirectoryW
DisableThreadLibraryCalls
FreeLibrary
HeapFree
GetProcessHeap
DelayLoadFailureHook

netsh.exe

MatchCmdLine
PrintError
RegisterContext
MatchToken
PrintMessageFromModule
RegisterHelper
DisplayMessageM

Exports

Exports

InitHelperDll

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49dacc9c9a86e53ab06a3775113b415a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

netsh.exe

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.didat Size: 512B - Virtual size: 24B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 616B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.didat
Size: 512B - Virtual size: 24B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 616B