29907460310919f5bd2e7c642cf7756662ead06ec22b88f085945762517bd6d7

Sharing

Copy URL

Twitter E-mail

General

Target

29907460310919f5bd2e7c642cf7756662ead06ec22b88f085945762517bd6d7
Size

256KB
MD5

64779a3a2b8e2ac468cf9ac5be3f3779
SHA1

c7c7e4ac8640269cea60fbd489b86b922cbe5d26
SHA256

29907460310919f5bd2e7c642cf7756662ead06ec22b88f085945762517bd6d7
SHA512

f7f7c786d931702d09329d5e198a79bd234f3556d31702f462e96bbc7470ba6674ee141b34030cea99b78ff8d8a62133511e6e002d29492e0886c7bd7f7554ac
SSDEEP

6144:89+GjQ11mKsE9zZtGzfliDPIdxU5i0XUJAFxhln+YkF:XGimOZKAjKLApl+YkF

Score

N/A

Malware Config

Signatures

Files

29907460310919f5bd2e7c642cf7756662ead06ec22b88f085945762517bd6d7
.dll windows x86

e4571095ea36db0427a7e44fc795c1d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

plc4

PL_strncasecmp
PL_strcasecmp

plds4

PL_HashTableAdd
PL_NewHashTable
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableRemove
PL_HashTableLookup

nspr4

PR_LoadLibraryWithFlags
PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_FindFunctionSymbol
PR_CallOnce
PR_smprintf
PR_smprintf_free
PR_Delete
PR_Close
PR_Write
PR_GetError
PR_OpenFile
PR_MkDir
PR_Access
PR_CloseFileMap
PR_NewMonitor
PR_MemUnmap
PR_Read
PR_MemMap
PR_CreateFileMap
PR_NewLock
PR_Unlock
PR_Lock
PR_DestroyLock
PR_ntohl
PR_htonl
PR_Free
PR_UnloadLibrary
PR_GetEnv
PR_FindSymbol
PR_LoadLibrary
PR_Now
PR_EnterMonitor
PR_ExitMonitor
PR_DestroyMonitor
PR_SetError

nssutil3

NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
PORT_ArenaStrdup_Util
SECITEM_CompareItem_Util
SECITEM_AllocItem_Util
SECOID_Init
SECITEM_HashCompare
SECOID_Shutdown
PORT_Realloc_Util
DER_SetUInteger
PORT_Strdup_Util
SECOID_FindOIDTag_Util
SECITEM_FreeItem_Util
SECOID_FindOIDByTag_Util
PORT_ArenaAlloc_Util
PORT_GetError_Util
SECITEM_ZfreeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_QuickDERDecodeItem_Util
SECOID_GetAlgorithmTag_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECOID_SetAlgorithmID_Util
PORT_SetError_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_ZAlloc_Util
PORT_Alloc_Util
PORT_Free_Util
NSSBase64_EncodeItem_Util
DER_DecodeTimeChoice_Util
SEC_ASN1EncodeItem_Util

msvcr71

_close
_open
_stat
_write
_lseek
_strdup
_unlink
_read
_onexit
__dllonexit
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
getenv
abort
calloc
malloc
memmove
free
_get_osfhandle
_errno
strrchr
strncpy
isdigit
atoi
strcat
isspace
strcpy
tolower
memset
strncmp
memcmp
strlen
strcmp
memcpy
_getpid

kernel32

DisableThreadLibraryCalls
FlushFileBuffers

Exports

Exports

dbopen
legacy_AddSecmodDB
legacy_DeleteSecmodDB
legacy_Open
legacy_ReadSecmodDB
legacy_ReleaseSecmodDBData
legacy_SetCryptFunctions
legacy_Shutdown
mktemp

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e4571095ea36db0427a7e44fc795c1d6

Headers

File Characteristics

Imports

plc4

plds4

nspr4

nssutil3

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 360B

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 160KB - Virtual size: 160KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 360B

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 160KB - Virtual size: 160KB