78d5c6132eb567deb3e200eec282cff262a12301d9182efb7549f6493e542cf4

Sharing

Copy URL Twitter E-mail

General

Target

78d5c6132eb567deb3e200eec282cff262a12301d9182efb7549f6493e542cf4
Size

268KB
MD5

11653493701c368452d76b7afd5a40a1
SHA1

6f3cdb626ca661f51dd074c77ca1f0506cbd9d43
SHA256

78d5c6132eb567deb3e200eec282cff262a12301d9182efb7549f6493e542cf4
SHA512

bddb982c185e56d1bb193d7d802badcc4a98b1b2b84a0d0373bb0daf23d0d0527920a6a7d9eefa6852373edbcdedf75c34914b5b193c8c0f4c1c06ead0d960ec
SSDEEP

6144:M6z4xJ6ELlYE7/hAZUvPucYE05eLCjEMoDyuIr:T4aJ8hiU+HwMoD98

Score

N/A

Malware Config

Signatures

Files

78d5c6132eb567deb3e200eec282cff262a12301d9182efb7549f6493e542cf4
.dll windows x86

0b9903dd9eabe0ccc3c1c99b286d0f36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom_core

?assign_with_AddRef@nsCOMPtr_base@@QAEXPAVnsISupports@@@Z
??1nsCOMPtr_base@@QAE@XZ
?LossyCopyUTF16toASCII@@YAXPBGAAVnsACString_internal@@@Z
NS_Free_P
NS_NewNativeLocalFile_P
??1nsAString_internal@@QAE@XZ
?AppendUTF8toUTF16@@YAXABVnsACString_internal@@AAVnsAString_internal@@@Z
?strtok@nsCRT@@SAPADPADPBDPAPAD@Z
?strcmp@nsCRT@@SAHPBG0@Z
?sEmptyBuffer@?$nsCharTraits@D@@2PBDB
?sCanonicalVTable@nsObsoleteACString@@2PBXB
?EmptyCString@@YAABVnsCString@@XZ
?sCanonicalVTable@nsObsoleteAString@@2PBXB
?NS_CopyNativeToUnicode@@YAIABVnsACString_internal@@AAVnsAString_internal@@@Z
??1nsACString_internal@@QAE@XZ
?strncmp@nsCRT@@SAHPBD0I@Z
??0nsCreateInstanceByContractID@@QAE@PBDPAVnsISupports@@PAI@Z
??0nsCreateInstanceByCID@@QAE@ABUnsID@@PAVnsISupports@@PAI@Z
?assign_from_qi@nsCOMPtr_base@@QAEXVnsQueryInterface@@ABUnsID@@@Z
?Assign@nsSubstring@@QAEXABV1@@Z
?Equals@nsSubstring@@QBEHABV1@@Z
?GrowArrayBy@nsVoidArray@@MAEHH@Z
?Compact@nsVoidArray@@UAEXXZ
?SizeTo@nsVoidArray@@UAEHH@Z
?Clear@nsVoidArray@@UAEXXZ
??1nsVoidArray@@UAE@XZ
??0nsVoidArray@@QAE@XZ
?ToNewCString@@YAPADABVnsAString_internal@@@Z
NS_Alloc_P
nsUnescape
?AppendUTF16toUTF8@@YAXABVnsAString_internal@@AAVnsACString_internal@@@Z
?RemoveElementAt@nsVoidArray@@QAEHH@Z
?AppendElement@nsVoidArray@@QAEHPAX@Z
?SafeElementAt@nsVoidArray@@QBEPAXH@Z
?ElementAt@nsVoidArray@@QBEPAXH@Z
?EmptyString@@YAABVnsString@@XZ
?assign_from_gs_contractid@nsCOMPtr_base@@QAEXVnsGetServiceByContractID@@ABUnsID@@@Z
?assign_from_qi_with_error@nsCOMPtr_base@@QAEXABVnsQueryInterfaceWithError@@ABUnsID@@@Z
?assign_from_gs_cid_with_error@nsCOMPtr_base@@QAEXABVnsGetServiceByCIDWithError@@ABUnsID@@@Z
?assign_from_gs_contractid_with_error@nsCOMPtr_base@@QAEXABVnsGetServiceByContractIDWithError@@ABUnsID@@@Z
?assign_from_helper@nsCOMPtr_base@@QAEXABVnsCOMPtr_helper@@ABUnsID@@@Z
??1nsHashtable@@UAE@XZ
??0nsHashtable@@QAE@IH@Z
?Put@nsHashtable@@QAEPAXPAVnsHashKey@@PAX@Z
?Get@nsHashtable@@QAEPAXPAVnsHashKey@@@Z
?Remove@nsHashtable@@QAEPAXPAVnsHashKey@@@Z
?Equals@nsSubstring@@QBEHPBG@Z
?Assign@nsSubstring@@QAEXPBGI@Z
?Adopt@nsSubstring@@QAEXPAGI@Z
?SetLength@nsSubstring@@QAEXI@Z
?Equals@nsCSubstring@@QBEHPBD@Z
?Assign@nsCSubstring@@QAEXABVnsCSubstringTuple@@@Z
?Assign@nsCSubstring@@QAEXABV1@@Z
?Assign@nsCSubstring@@QAEXPBDI@Z
?Adopt@nsCSubstring@@QAEXPADI@Z
?Replace@nsCSubstring@@QAEXIIPBDI@Z
?EnsureMutable@nsCSubstring@@IAEXXZ
?ToNewUnicode@@YAPAGABVnsAString_internal@@@Z
NS_NewLocalFile_P
?sEmptyBuffer@?$nsCharTraits@G@@2PBGB
??0nsCStringKey@@QAE@ABVnsCString@@@Z
??1nsCStringKey@@UAE@XZ
?NS_CopyUnicodeToNative@@YAIABVnsAString_internal@@AAVnsACString_internal@@@Z
?NS_NewGenericModule2@@YAIPBUnsModuleInfo@@PAPAVnsIModule@@@Z

js3250

JS_GC

nspr4

PR_Now
PR_AtomicDecrement
PR_AtomicIncrement

kernel32

DisableThreadLibraryCalls
CloseHandle
CreateFileA

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

_initterm
free
_callnewh
malloc
_adjust_fdiv
??3@YAXPAX@Z
srand
rand
strlen
_except_handler3
__CppXcptFilter
__dllonexit
_onexit
strcmp

Exports

Exports

NSGetModule

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b9903dd9eabe0ccc3c1c99b286d0f36

Headers

File Characteristics

Imports

xpcom_core

js3250

nspr4

kernel32

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 72B

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 4KB - Virtual size: 2KB

.text Size: 208KB - Virtual size: 208KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 72B

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 208KB - Virtual size: 208KB