95c662593101ab9e71afa312a4374ebaee27ca97dcad3192f3f3ece0f4083b71

Sharing

Copy URL

Twitter E-mail

General

Target

95c662593101ab9e71afa312a4374ebaee27ca97dcad3192f3f3ece0f4083b71
Size

344KB
MD5

5e2734ffbbc6d7270a295e2ff2bc8a00
SHA1

d008b8276bf2a90e0d803858f274d17e73cd4a1f
SHA256

95c662593101ab9e71afa312a4374ebaee27ca97dcad3192f3f3ece0f4083b71
SHA512

88e71cdc7ef5fb10fbb7cdce675fd1141f577a5d41af0f29b2874ea31fa9d396841dfbb45a972632386088163af3a94cfa5bc1d356e46f93fb98d29f10feb260
SSDEEP

6144:95OiIiCIB1jzaQTa3/1/J+o2USD+p+qvaIVOi/KPtTnYTTINNrLlMxMs:95Oix1jzaQm3/pMo2UA+kq9V5KpnYT8S

Score

N/A

Malware Config

Signatures

Files

95c662593101ab9e71afa312a4374ebaee27ca97dcad3192f3f3ece0f4083b71
.dll windows x86

f62703f3be4a59d359a62952d431248f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlite3

sqlite3_file_control
sqlite3_reset
sqlite3_finalize
sqlite3_column_int
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_step
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_blob
sqlite3_prepare_v2
sqlite3_open
sqlite3_free
sqlite3_mprintf
sqlite3_busy_timeout
sqlite3_exec
sqlite3_close

nssutil3

SECOID_GetAlgorithmTag_Util
PORT_Alloc_Util
PORT_Free_Util
PORT_SetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
SECITEM_CopyItem_Util
PORT_ZAlloc_Util
SECITEM_CompareItem_Util
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_ArgFetchValue
_NSSUTIL_EvaluateConfigDir
PORT_Strdup_Util
SECOID_FindOIDByMechanism
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
DER_Encode_Util
_SGN_VerifyPKCS1DigestInfo
NSS_Get_SEC_OctetStringTemplate_Util
SEC_QuickDERDecodeItem_Util
_NSSUTIL_GetSecmodName
NSSUTIL_DoModuleDBFunction
UTIL_SetForkState
SECOID_Shutdown
SECOID_Init
DER_SetUInteger
SECITEM_HashCompare
PORT_ArenaAlloc_Util
PORT_GetError_Util
PORT_ArenaGrow_Util
PORT_Realloc_Util
SECOID_DestroyAlgorithmID_Util
PORT_ZFree_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
DER_GetInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1DecodeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_DupItem_Util
SECITEM_AllocItem_Util
PORT_FreeArena_Util

plc4

PL_strncasecmp
PL_strcasecmp

plds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableLookupConst
PL_CompareValues
PL_HashTableEnumerateEntries

nspr4

PR_CallOnce
PR_SetError
PR_Free
PR_snprintf
PR_GetEnv
PR_LoadLibraryWithFlags
PR_UnloadLibrary
PR_FindFunctionSymbol
PR_GetLibraryFilePathname
PR_Lock
PR_Unlock
PR_GetDirectorySeparator
PR_SecondsToInterval
PR_NewLock
PR_DestroyLock
PR_Sleep
PR_smprintf_free
PR_IntervalNow
PR_MillisecondsToInterval
PR_GetCurrentThread
PR_Now
PR_Access
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_smprintf

kernel32

SetFileAttributesW
GetFileAttributesExW
CloseHandle
CreateFileW
FlushFileBuffers
HeapSize
WriteConsoleW
SetStdHandle
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
RtlUnwind
SetEnvironmentVariableA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
AreFileApisANSI
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
GetTempPathA

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f62703f3be4a59d359a62952d431248f

Headers

DLL Characteristics

File Characteristics

Imports

sqlite3

nssutil3

plc4

plds4

nspr4

kernel32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 9KB - Virtual size: 8KB

.text Size: 108KB - Virtual size: 112KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 112KB