d2d8f543cc9ee40b5883147648a161ae83548bd744a1e9c75f89c466cebca53d

Sharing

Copy URL Twitter E-mail

General

Target

d2d8f543cc9ee40b5883147648a161ae83548bd744a1e9c75f89c466cebca53d
Size

284KB
MD5

60d38ef1db977cb7ba68ddf0ac227c71
SHA1

fa3e4b7409ad318cd6efacc777c32101218ee12c
SHA256

d2d8f543cc9ee40b5883147648a161ae83548bd744a1e9c75f89c466cebca53d
SHA512

0a8662c1f8caae42f43c9085d470821f041f548b16ab70b67bdea9c262b28839c40a08842ccfe726ca71cd0e7d4e135283bd5268470efc4d59eb415e0f255909
SSDEEP

6144:4gP0dIg3qU66e5m6KZsZL2FL2UEzcZLnazJUqAFSOXGtNaheJ:X8dI+qU6jrasZK2cZDKd2eJ

Score

N/A

Malware Config

Signatures

Files

d2d8f543cc9ee40b5883147648a161ae83548bd744a1e9c75f89c466cebca53d
.dll windows x86

18999f38da943f617cd94faf1be4792a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

plc4

PL_strncasecmp
PL_strcasecmp

plds4

PL_HashTableAdd
PL_NewHashTable
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableRemove
PL_HashTableLookup

nspr4

PR_SetError
PR_smprintf_free
PR_Delete
PR_Close
PR_Write
PR_GetError
PR_OpenFile
PR_MkDir
PR_Access
PR_CloseFileMap
PR_MemUnmap
PR_Read
PR_MemMap
PR_CreateFileMap
PR_NewLock
PR_Unlock
PR_Lock
PR_DestroyLock
PR_ntohl
PR_htonl
PR_Free
PR_UnloadLibrary
PR_GetEnv
PR_FindSymbol
PR_LoadLibrary
PR_Now
PR_EnterMonitor
PR_ExitMonitor
PR_DestroyMonitor
PR_NewMonitor
PR_LoadLibraryWithFlags
PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_FindFunctionSymbol
PR_CallOnce
PR_smprintf

nssutil3

PORT_Alloc_Util
PORT_ZAlloc_Util
NSSBase64_EncodeItem_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_NewArena_Util
PORT_SetError_Util
SECOID_SetAlgorithmID_Util
SEC_ASN1EncodeItem_Util
SECITEM_DupItem_Util
SECITEM_CopyItem_Util
SECOID_GetAlgorithmTag_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1EncodeInteger_Util
SECITEM_CompareItem_Util
PORT_ArenaStrdup_Util
PORT_ArenaMark_Util
PORT_ArenaUnmark_Util
PORT_ArenaRelease_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
DER_DecodeTimeChoice_Util
SECITEM_AllocItem_Util
SECOID_Init
SECITEM_HashCompare
SECOID_Shutdown
SECITEM_ItemsAreEqual_Util
PORT_Realloc_Util
SECITEM_ZfreeItem_Util
NSS_Get_SEC_OctetStringTemplate_Util
PORT_Strdup_Util
SECOID_FindOIDTag_Util
SECITEM_FreeItem_Util
SECOID_FindOIDByTag_Util
PORT_ArenaAlloc_Util
PORT_Free_Util
PORT_GetError_Util
DER_SetUInteger

mozcrt19

_unlink
_close
_read
_open
_strdup
_write
_lseek
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
abort
calloc
malloc
memmove
free
_get_osfhandle
_stat64i32
_errno
strrchr
strncpy
isdigit
atoi
strcat
isspace
strcpy
tolower
memset
strncmp
getenv
memcmp
strlen
strcmp
memcpy
_getpid

kernel32

GetCurrentProcessId
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
FlushFileBuffers

Exports

Exports

legacy_AddSecmodDB
legacy_DeleteSecmodDB
legacy_Open
legacy_ReadSecmodDB
legacy_ReleaseSecmodDBData
legacy_SetCryptFunctions
legacy_Shutdown

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

18999f38da943f617cd94faf1be4792a

Headers

DLL Characteristics

File Characteristics

Imports

plc4

plds4

nspr4

nssutil3

mozcrt19

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 3KB

.text Size: 188KB - Virtual size: 188KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 188KB - Virtual size: 188KB