9f373f4c90bddf8a4c2cc00046f97388a4cc19a6f350b0cf3dc713ff5365d106N

Sharing

Copy URL

Twitter E-mail

General

Target

9f373f4c90bddf8a4c2cc00046f97388a4cc19a6f350b0cf3dc713ff5365d106N
Size

350KB
MD5

dcd2ab08fb738a4fde9b9aabfedb0190
SHA1

6ce80ca582d1dea824f1879acebc805247666dca
SHA256

9f373f4c90bddf8a4c2cc00046f97388a4cc19a6f350b0cf3dc713ff5365d106
SHA512

9e273ba186f224785410029ef0514608b909d164921a3ca487cc53a972203d93cd259f37b37935a02b0c386546e792971a8281a5ca00f1e90960599560ac336c
SSDEEP

6144:O/Y8cSQMqiFj+1x2dvASvNeOmbXpnrxYOTupOpcfYfcLH3pudfZ:OQ8cSLqil+6dDATbXF1YOTEycw28B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f373f4c90bddf8a4c2cc00046f97388a4cc19a6f350b0cf3dc713ff5365d106N

Files

9f373f4c90bddf8a4c2cc00046f97388a4cc19a6f350b0cf3dc713ff5365d106N
.dll windows:4 windows x86 arch:x86

6a3e5f0eba92292f50075c1689a2485e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
CreateMailslotA
DeleteVolumeMountPointA
GetLastError
GetLocaleInfoA
GetUserDefaultLCID
RemoveDirectoryA
MoveFileA
AddRefActCtx
GetUserDefaultLangID
CloseHandle
UnlockFile
WriteFile
LockFile
SetFilePointer
EscapeCommFunction
CreateFileA
CopyFileA
GetEnvironmentVariableA
CreateDirectoryExA
GetTimeFormatW
GetSystemTime
LoadLibraryA
InterlockedExchange
FreeLibrary
GetProcAddress
LocalAlloc
AttachConsole
Toolhelp32ReadProcessMemory
SetThreadIdealProcessor
GetLargestConsoleWindowSize
SetConsoleMenuClose
SetConsoleMaximumWindowSize
lstrcpyW
SetSystemPowerState
GetProfileSectionA
ReadFile
VirtualProtect
RaiseException

ole32

OleLoad
HACCEL_UserUnmarshal
StgPropertyLengthAsVariant
CoIsHandlerConnected
OleGetIconOfClass
CreateStreamOnHGlobal
OleRegEnumVerbs
CoGetProcessIdentifier
CoRevokeInitializeSpy

dhcpcsvc

DhcpLeaseIpAddressEx
DhcpPersistentRequestParams
DhcpNotifyMediaReconnected
DhcpReleaseParameters
McastRenewAddress
DhcpCApiInitialize
McastRequestAddress
McastEnumerateScopes

Exports

Exports

SpecifyError

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a3e5f0eba92292f50075c1689a2485e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

dhcpcsvc

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.INIT Size: 8KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 227KB

.rsrc Size: 80KB - Virtual size: 77KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 22KB

.INIT
Size: 8KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 227KB

.rsrc
Size: 80KB - Virtual size: 77KB

.reloc
Size: 4KB - Virtual size: 1KB