e50a967cd531b39912e83430d592ceea5b9378d63cc4023bfea6f1c78f55259e

Sharing

Copy URL Twitter E-mail

General

Target

e50a967cd531b39912e83430d592ceea5b9378d63cc4023bfea6f1c78f55259e
Size

176KB
MD5

62ecbd974953c5becb9b49bbfec55c0c
SHA1

bef989cbdc9812d387209a6de9c9ace52e81f10a
SHA256

e50a967cd531b39912e83430d592ceea5b9378d63cc4023bfea6f1c78f55259e
SHA512

6d9d79fdd16017313e38a85b6c3b299e0b83d88fc1c6914e347449caacbcbe11a5e4632cf8452de12530ecebd09ab22ac60e885b0fe916a5039a5738bd907752
SSDEEP

3072:zv+MNwqtlWTtjbapEbv12+Dj/QZFnnwj0eNj+UlwUVMR:zv+gwqtlwbDcLwQeNyUl8R

Score

N/A

Malware Config

Signatures

Files

e50a967cd531b39912e83430d592ceea5b9378d63cc4023bfea6f1c78f55259e
.dll windows x86

4644620b9dd193a1fb51928809b14a03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom_core

?NS_CopyNativeToUnicode@@YAIABVnsACString_internal@@AAVnsAString_internal@@@Z
?Assign@nsCSubstring@@QAEXABV1@@Z
?Adopt@nsCSubstring@@QAEXPADI@Z
?EnsureMutable@nsCSubstring@@IAEXXZ
?ToNewUnicode@@YAPAGABVnsAString_internal@@@Z
?assign_with_AddRef@nsCOMPtr_base@@QAEXPAVnsISupports@@@Z
?Assign@nsSubstring@@QAEXPBGI@Z
?assign_from_qi_with_error@nsCOMPtr_base@@QAEXABVnsQueryInterfaceWithError@@ABUnsID@@@Z
?strcmp@nsCRT@@SAHPBG0@Z
?SetLength@nsSubstring@@QAEXI@Z
?Replace@nsCSubstring@@QAEXIIPBDI@Z
?Equals@nsCSubstring@@QBEHPBD@Z
?Put@nsHashtable@@QAEPAXPAVnsHashKey@@PAX@Z
?LossyCopyUTF16toASCII@@YAXPBGAAVnsACString_internal@@@Z
NS_NewLocalFile_P
?EmptyCString@@YAABVnsCString@@XZ
?Equals@nsSubstring@@QBEHPBG@Z
??0nsCreateInstanceByCID@@QAE@ABUnsID@@PAVnsISupports@@PAI@Z
?Assign@nsCSubstring@@QAEXABVnsCSubstringTuple@@@Z
??_7nsCreateInstanceByContractID@@6B@
?SizeTo@nsVoidArray@@UAEHH@Z
??1nsCOMPtr_base@@QAE@XZ
?Assign@nsCSubstring@@QAEXPBDI@Z
?strtok@nsCRT@@SAPADPADPBDPAPAD@Z
?Clear@nsVoidArray@@UAEXXZ
??0nsVoidArray@@QAE@XZ
??1nsVoidArray@@UAE@XZ
?ElementAt@nsVoidArray@@QBEPAXH@Z
?InsertElementAt@nsVoidArray@@QAEHPAXH@Z
?Equals@nsSubstring@@QBEHABV1@@Z
?Assign@nsSubstring@@QAEXABV1@@Z
?RemoveElementsAt@nsVoidArray@@QAEHHH@Z
?SafeElementAt@nsVoidArray@@QBEPAXH@Z
NS_Alloc_P
?ToNewCString@@YAPADABVnsAString_internal@@@Z
nsUnescape
?NS_CopyUnicodeToNative@@YAIABVnsAString_internal@@AAVnsACString_internal@@@Z
?AppendUTF16toUTF8@@YAXABVnsAString_internal@@AAVnsACString_internal@@@Z
?assign_from_gs_contractid@nsCOMPtr_base@@QAEXVnsGetServiceByContractID@@ABUnsID@@@Z
?EmptyString@@YAABVnsString@@XZ
NS_NewNativeLocalFile_P
?assign_from_qi@nsCOMPtr_base@@QAEXVnsQueryInterface@@ABUnsID@@@Z
??0nsCreateInstanceByContractID@@QAE@PBDPAVnsISupports@@PAI@Z
?assign_from_helper@nsCOMPtr_base@@QAEXABVnsCOMPtr_helper@@ABUnsID@@@Z
??_7nsCreateInstanceByCID@@6B@
?assign_from_gs_cid_with_error@nsCOMPtr_base@@QAEXABVnsGetServiceByCIDWithError@@ABUnsID@@@Z
?sCanonicalVTable@nsObsoleteACString@@2PBXB
?Adopt@nsSubstring@@QAEXPAGI@Z
?sEmptyBuffer@?$nsCharTraits@G@@2PBGB
?sCanonicalVTable@nsObsoleteAString@@2PBXB
?sEmptyBuffer@?$nsCharTraits@D@@2PBDB
??1nsCStringKey@@UAE@XZ
??0nsCStringKey@@QAE@ABVnsCString@@@Z
?Get@nsHashtable@@QAEPAXPAVnsHashKey@@@Z
?AppendUTF8toUTF16@@YAXABVnsACString_internal@@AAVnsAString_internal@@@Z
?Remove@nsHashtable@@QAEPAXPAVnsHashKey@@@Z
?assign_from_gs_contractid_with_error@nsCOMPtr_base@@QAEXABVnsGetServiceByContractIDWithError@@ABUnsID@@@Z
??1nsACString_internal@@QAE@XZ
??1nsHashtable@@UAE@XZ
??0nsHashtable@@QAE@IH@Z
?NS_NewGenericModule2@@YAIPBUnsModuleInfo@@PAPAVnsIModule@@@Z
??1nsAString_internal@@QAE@XZ
?Compact@nsVoidArray@@UAEXXZ
NS_Free_P
?GrowArrayBy@nsVoidArray@@MAEHH@Z

js3250

JS_GC

nspr4

PR_AtomicDecrement
PR_AtomicIncrement
PR_Now

plc4

PL_strncmp

kernel32

DisableThreadLibraryCalls
CloseHandle
CreateFileA

msvcrt

_adjust_fdiv
_initterm
free
malloc
_ftol
srand
strcmp
strlen
??2@YAPAXI@Z
rand

Exports

Exports

NSGetModule

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4644620b9dd193a1fb51928809b14a03

Headers

File Characteristics

Imports

xpcom_core

js3250

nspr4

plc4

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 2KB

.text Size: 120KB - Virtual size: 120KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 120KB - Virtual size: 120KB