8fd450190d19193e12ba162cd68a44b4e123e457e3130148c4f0a0e1668c2dad

Sharing

Copy URL

Twitter E-mail

General

Target

8fd450190d19193e12ba162cd68a44b4e123e457e3130148c4f0a0e1668c2dad
Size

169KB
MD5

c4e8f8de0ff0144dc794f122bf09c880
SHA1

c3f23cec743eb8fefd27ea688d8e7076c3487b26
SHA256

8fd450190d19193e12ba162cd68a44b4e123e457e3130148c4f0a0e1668c2dad
SHA512

b9b11067be67f1cb195cac637006010c7ed34f8b93840ad9a4c3dac63bed016fef0ef7daeba51eb65aadbb4b8ec8216fdda138cffab28111daecda44f4e8b685
SSDEEP

3072:Sg/NN3lW5LBHtnUB7xZaBM36hrBafDG3KIbbQ7bB0GsNkioQOL0gNv:5NN4Zy7xoO3UrstI6bqGTiovp

Score

N/A

Malware Config

Signatures

Files

8fd450190d19193e12ba162cd68a44b4e123e457e3130148c4f0a0e1668c2dad
.dll windows x86

d816a38bd8013922a62e9e08a664e773

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

nss3

PL_HashTableLookupConst
PL_CompareValues
SECITEM_HashCompare
PR_SecondsToInterval
DER_SetUInteger
PR_Sleep
PR_smprintf_free
SECOID_Init
SECOID_Shutdown
UTIL_SetForkState
NSSUTIL_DoModuleDBFunction
_NSSUTIL_GetSecmodName
SEC_QuickDERDecodeItem_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_SecureMemcmp
_SGN_VerifyPKCS1DigestInfo
DER_Encode_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
SECOID_FindOIDByMechanism
PL_HashTableEnumerateEntries
PL_strcasecmp
PORT_Strdup_Util
sqlite3_close
sqlite3_exec
sqlite3_busy_timeout
sqlite3_mprintf
sqlite3_free
sqlite3_open_v2
sqlite3_prepare_v2
SECITEM_CompareItem_Util
sqlite3_bind_int
PORT_ArenaGrow_Util
sqlite3_step
sqlite3_column_blob
sqlite3_column_int
sqlite3_column_bytes
sqlite3_finalize
sqlite3_reset
sqlite3_file_control
PR_IntervalNow
PR_MillisecondsToInterval
PR_GetCurrentThread
PL_HashTableLookup
PR_Access
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
_NSSUTIL_UTF8ToWide
_NSSUTIL_Access
PR_smprintf
_NSSUTIL_EvaluateConfigDir
PL_strncasecmp
NSSUTIL_ArgFetchValue
NSSUTIL_ArgStrip
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgGetLabel
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgIsBlank
NSSUTIL_ArgHasFlag
PORT_FreeArena_Util
PORT_NewArena_Util
PORT_GetError_Util
PORT_Realloc_Util
PR_DestroyLock
PR_NewLock
SECOID_DestroyAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECOID_CopyAlgorithmID_Util
PL_HashTableRemove
PL_HashTableAdd
PL_HashTableDestroy
SECOID_SetAlgorithmID_Util
PL_NewHashTable
DER_GetInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1DecodeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_DupItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_AllocItem_Util
PORT_ZFree_Util
PORT_ZAlloc_Util
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
PORT_ArenaZAlloc_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
PR_Now
NSS_Get_SEC_AnyTemplate_Util
PORT_ArenaAlloc_Util
PR_Unlock
PR_Lock
sqlite3_bind_text
PORT_SetError_Util
PR_GetEnv
PR_snprintf
PR_GetDirectorySeparator
PR_GetEnvSecure
PR_CallOnce
PR_SetError
PR_Free
PORT_Free_Util
PORT_Alloc_Util
PR_GetLibraryFilePathname
PR_FindFunctionSymbol
PR_UnloadLibrary
sqlite3_bind_blob
PR_LoadLibraryWithFlags

kernel32

TerminateProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
GetTempPathA
GetCurrentProcess

vcruntime140

memcpy
memset
__std_type_info_destroy_list
_except_handler4_common
strrchr

api-ms-win-crt-string-l1-1-0

isdigit
islower
isupper

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-filesystem-l1-1-0

_wchmod

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-runtime-l1-1-0

_initterm
_execute_onexit_table
_initterm_e
_register_onexit_function
_configure_narrow_argv
_crt_atexit
_cexit
_initialize_narrow_environment
_initialize_onexit_table
_seh_filter_dll

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d816a38bd8013922a62e9e08a664e773

Headers

DLL Characteristics

File Characteristics

Imports

nss3

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 6KB - Virtual size: 5KB