0c14f2e8fbe09d2978bb613a0bcfb3d0e1486b18ea1b30c745f103fd7bf3c576

Sharing

Copy URL Twitter E-mail

General

Target

0c14f2e8fbe09d2978bb613a0bcfb3d0e1486b18ea1b30c745f103fd7bf3c576
Size

300KB
MD5

6eaf38815f55b5a020a3f0443de5ad8d
SHA1

1719c765b94ca6477fb5e75acd48c456bc1f272f
SHA256

0c14f2e8fbe09d2978bb613a0bcfb3d0e1486b18ea1b30c745f103fd7bf3c576
SHA512

7294dbe8afabd3c7fbec96c6da0a96bfb81203227aa349a81b5b20b85584024c2eb7a3f314ba07c0e26fc861e5dcc674f498c96496faf5b77509986c5537456a
SSDEEP

6144:aJ07it9TBETACHgGJT1wySZdMwgkFHQF9oJqblxATGyupqSq:aC7w9TIomwyuQbl2T5Sq

Score

N/A

Malware Config

Signatures

Files

0c14f2e8fbe09d2978bb613a0bcfb3d0e1486b18ea1b30c745f103fd7bf3c576
.dll windows x86

a1230578a06a5f4be2f9b9ef0aa8a756

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom

NS_GetComponentManager
NS_GetServiceManager
NS_CStringGetMutableData
NS_StringGetMutableData
NS_Free
NS_StringSetIsVoid
NS_UTF16ToCString
NS_CStringSetDataRange
NS_Alloc
NS_CStringGetData
NS_StringGetData
NS_StringSetDataRange
NS_StringCopy
NS_CStringSetData
NS_StringSetData
NS_CStringToUTF16
NS_StringContainerInit
NS_CStringContainerInit2
NS_CStringContainerFinish
NS_CStringCopy
NS_CStringContainerInit
NS_StringContainerInit2
NS_StringContainerFinish

nspr4

PR_AtomicIncrement
PR_Now
PR_FormatTimeUSEnglish
PR_ExplodeTime
PR_AtomicDecrement
PR_GetEnv
PR_sscanf
PR_LocalTimeParameters

plc4

PL_strcmp
PL_Base64Encode
PL_strdup

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcAddress
GetCurrentProcessId
OpenProcess
GetSystemTimeAsFileTime
GetCurrentProcess
GetProcessTimes
CloseHandle
FreeLibrary
LoadLibraryA

mozcrt19

_adjust_fdiv
_amsg_exit
_initterm_e
__CppXcptFilter
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
strcpy
memset
realloc
malloc
memcpy
memmove
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm
??3@YAXPAX@Z
??2@YAPAXI@Z
strcmp
fputs
__iob_func
strlen
memcmp
_snprintf
free

Exports

Exports

NSGetModule

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a1230578a06a5f4be2f9b9ef0aa8a756

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

nspr4

plc4

kernel32

mozcrt19

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 904B

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 208KB - Virtual size: 208KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 904B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 208KB - Virtual size: 208KB