Malicious
Malicious

browsernetdhcp.exe

PE Executable
|
MD5: 3cccb5249fc5596d5fd1d08fc621f8e3
|
Size: 848.9 KB
|
application/x-dosexec

Infection Chain
Summary by MalvaGPT
Characteristics

Symbol Ofbuscation Score

Very high

Hash
 Hash Value
MD5
3cccb5249fc5596d5fd1d08fc621f8e3
Sha1
414cde6507141f7a2ebb2ee7065889df88f1730f
Sha256
48e2b04e41aba65bd5550a5576f4cef91e82004d46e814c3ae793fc4d13f5011
Sha384
f197beaff8328350d1dd6d6753f731f5d76d8919267dcd19867d6951e6e51db7a37313346f8b3b3529d5dc19eae16e81
Sha512
9e949bb5b7fa2abaf77274679176fb7e57138e58bb19bf6f4fbf65ee7a47ab7faa2652918019d1de74ee6ccf484a8bc35a0b0671e6b819c10eaff63a543ab829
SSDeep
12288:5m0jQKtVd5i1lybIjLtJFSW/+hpY63Wa0ShWcfo2BJbBj:5Mud5iW03tJFSk/63FCCoA
TLSH
9505F8057E48CE11F0291633C2FF454847B89D526AA6E32B7DBA77AE15123A73C0D9CB

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
browsernetdhcp.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
GsFKSFAWKfsKvWdg8S.83i8BL1eyPl39tFwbS
otaDq5qEjj6wSkQkN6.tOoUEO520ijYD3wx6M
Informations
Name
 Value
Info

PE Detect: PeReader OK (file layout)
Module Name

rTnySpiVeh4KP2i762vficjTr0Cd
Full Name

rTnySpiVeh4KP2i762vficjTr0Cd
EntryPoint

System.Void F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::cW5gfbbp3b()
Scope Name

rTnySpiVeh4KP2i762vficjTr0Cd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6QRJAscirezNVko4jtqdysT00CPuTGbmEehQmBO
Assembly Version

1.0.3.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::cW5gfbbp3b()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void NFUEumg7B883muW8qUX.xjA6PLgaIftU5ebSAtK::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::UhhgrSJwx4 callvirt System.Void VgIMr81a6j0ZDkUoD9y.HrhBfU1hPXa7quDCs8Z::ruhwGcdyTS() nop <null> ret <null>
Module Name

rTnySpiVeh4KP2i762vficjTr0Cd
Full Name

rTnySpiVeh4KP2i762vficjTr0Cd
EntryPoint

System.Void F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::cW5gfbbp3b()
Scope Name

rTnySpiVeh4KP2i762vficjTr0Cd
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

6QRJAscirezNVko4jtqdysT00CPuTGbmEehQmBO
Assembly Version

1.0.3.2
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

.NETFramework,Version=v4.0
Total Strings

63
Main Method

System.Void F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::cW5gfbbp3b()
Main IL Instruction Count

14
Main IL

br.s IL_000B: ldc.i4.0 call <null> ldnull <null> ldc.i4.0 <null> ldelem.ref <null> pop <null> ldc.i4.0 <null> brtrue.s IL_0007: ldnull call System.Void NFUEumg7B883muW8qUX.xjA6PLgaIftU5ebSAtK::kLjw4iIsCLsZtxc4lksN0j() nop <null> ldsfld System.Object F64GsQ1vs2nMHvkNd4J.gfnk0A1bhyvewZVsOEI::UhhgrSJwx4 callvirt System.Void VgIMr81a6j0ZDkUoD9y.HrhBfU1hPXa7quDCs8Z::ruhwGcdyTS() nop <null> ret <null>
browsernetdhcp.exe (848.9 KB)
File Structure
browsernetdhcp.exe
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.sdata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
.Net Resources
GsFKSFAWKfsKvWdg8S.83i8BL1eyPl39tFwbS
otaDq5qEjj6wSkQkN6.tOoUEO520ijYD3wx6M
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
An error has occurred. This application may no longer respond until reloaded. Reload 🗙