bed297ff9e912950d187996311bb6c8119d9a0ca40fe44c63bb8c4eb4f404368

General

Target

bed297ff9e912950d187996311bb6c8119d9a0ca40fe44c63bb8c4eb4f404368
Size

172KB
MD5

3414c857320b1ee8aff6ba4ad6d8f300
SHA1

6e7469e766edbfc061c40397504950b48678fcc6
SHA256

bed297ff9e912950d187996311bb6c8119d9a0ca40fe44c63bb8c4eb4f404368
SHA512

614a71a9b262ae5b9b3fcda0579dcbd706316d269b11386a172c353ff78198b11ab1ed393ad5989d846b334025c788b96a5892dd6be82721a1aaa910e13262ed
SSDEEP

3072:i8d8VvxagIf5AHpmM1kv80AzWkggwn/rpilSV2i0jcOWCri36o5Zd9S5NYqXUbdF:z8jVHpLkv8WkggGclUecOWsDimnk12

Score

N/A

Malware Config

Signatures

Files

bed297ff9e912950d187996311bb6c8119d9a0ca40fe44c63bb8c4eb4f404368
.dll windows x86

122a2c9bdfb6349be41323906cd89662

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom_core

?assign_from_qi@nsCOMPtr_base@@QAEXVnsQueryInterface@@ABUnsID@@@Z
??1nsCOMPtr_base@@QAE@XZ
?NS_NewGenericModule2@@YAIPBUnsModuleInfo@@PAPAVnsIModule@@@Z

kernel32

GetCurrentProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess

msvcr80

fopen
fclose
_get_osfhandle
fflush
memset
fseek
ftell
fread
fwrite
memmove
_encode_pointer
ferror
_encoded_null
free
_fileno
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
_errno
strerror
strcpy
memcpy
strlen
memcmp
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
_malloc_crt
_decode_pointer

Exports

Exports

NSGetModule

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

122a2c9bdfb6349be41323906cd89662

Headers

File Characteristics

Imports

xpcom_core

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 60KB - Virtual size: 58KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 60KB - Virtual size: 58KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB