9f6ba70cd439f7a7a40cf5e871d40438a3ff1794e2643b5fdec1ae61e3488a92

Sharing

Copy URL Twitter E-mail

General

Target

9f6ba70cd439f7a7a40cf5e871d40438a3ff1794e2643b5fdec1ae61e3488a92
Size

132KB
MD5

8266dce10f0ec0e96c8ded0fbfd2d908
SHA1

f7d7cf6fff31f2d95b226b2f7e0d24b639b3dc02
SHA256

9f6ba70cd439f7a7a40cf5e871d40438a3ff1794e2643b5fdec1ae61e3488a92
SHA512

7bbd478a2870d0da00b1f2aa3944dd3d50480333f7b35e58592613223fe3b210e01ba1b9dabaf1b808e49a27061430ac731e0075ae7e9872a6cef8fb1995083a
SSDEEP

1536:KRHIMCCdXB3JeUW5XRDTT/sOayHEfrhQYBf9lb4qpglB5OGvOglqgVq2D+:E9BvW51TTEOmfdQYrCq+3ZmJ2D+

Score

N/A

Malware Config

Signatures

Files

9f6ba70cd439f7a7a40cf5e871d40438a3ff1794e2643b5fdec1ae61e3488a92
.dll windows x86

8c04c8334e8a1c935e5f56c595cfc323

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom

NS_GetComponentManager
NS_CStringGetData
NS_StringGetData
NS_DebugBreak
NS_UTF16ToCString
NS_CStringContainerInit2
NS_CStringContainerFinish
NS_CStringContainerInit
NS_StringContainerInit2
NS_StringContainerFinish
NS_StringContainerInit
NS_LogCOMPtrAddRef
NS_LogCOMPtrRelease

nspr4

PR_LogPrint
PR_GetErrorText
PR_NewLogModule
PR_Assert
PR_FindFunctionSymbol
PR_LocalTimeParameters
PR_Now
PR_ExplodeTime
PR_snprintf

plc4

PL_strlen

kernel32

IsDebuggerPresent
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
GetLocaleInfoA
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
EnterCriticalSection
LeaveCriticalSection
SetStdHandle
LoadLibraryA

Exports

Exports

NSGetModule

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c04c8334e8a1c935e5f56c595cfc323

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

nspr4

plc4

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 68KB - Virtual size: 74KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 68KB - Virtual size: 74KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 8KB - Virtual size: 4KB