774795ab9777bfb0105ca9c58f9ba85f09070e383facb41f7a97c1f4a20a06d1

Sharing

Copy URL Twitter E-mail

General

Target

774795ab9777bfb0105ca9c58f9ba85f09070e383facb41f7a97c1f4a20a06d1
Size

124KB
MD5

0f3b0f3d4db03480ede26fb246966a30
SHA1

12ef5739353425c1c1e7f5e4dc9ecbf43405a074
SHA256

774795ab9777bfb0105ca9c58f9ba85f09070e383facb41f7a97c1f4a20a06d1
SHA512

1a17c1fa84a8b52fb75eb51ccf15c754db83a7ff5d894dd38f08d6f32f7024cb17e8b479a1b9d4e6bf75af2fffd3eba5856090399b5ff0e5115e71b76175d1ca
SSDEEP

3072:tJMqyqiuC8Fsox1XZApgYfqqWrnp/IWTBflbjn8Hh:8fq3FswZApgYfqqWrBIWTBZIB

Score

N/A

Malware Config

Signatures

Files

774795ab9777bfb0105ca9c58f9ba85f09070e383facb41f7a97c1f4a20a06d1
.exe windows x86

d1c110c6fd01d9faf03947596064714c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nssutil3

PORT_Free_Util
PORT_ZAlloc_Util
PORT_Strdup_Util
PORT_Alloc_Util
PORT_RegExpSearch
ATOB_AsciiToData_Util
PORT_SetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_GetError_Util

smime3

SEC_PKCS7DestroyContentInfo
SEC_PKCS7VerifyDetachedSignature
SEC_PKCS7ContentIsSigned
SEC_PKCS7ContentIsEncrypted
SEC_PKCS7DecoderFinish
SEC_PKCS7DecoderUpdate
SEC_PKCS7DecoderStart

nss3

SECMOD_FindModule
PK11_GetModInfo
PK11_CreateDigestContext
PK11_DigestBegin
PK11_DigestOp
PK11_DigestFinal
PK11_DestroyContext
CERT_DupCertificate
CERT_GetDefaultCertDB
CERT_DestroyCertificate
SECMOD_AddNewModule
PK11_GetDefaultArray
PK11_UpdateSlotAttribute
PK11_UserEnableSlot
PK11_UserDisableSlot
PK11_FindSlotByName
PK11_NeedUserInit
PK11_CheckUserPassword
PK11_InitPin
PK11_ChangePW
PK11_FreeSlot
PK11_GetDefaultFlags
PK11_GetSlotInfo
PK11_IsHW
PK11_IsDisabled
PK11_GetDisabledReason
PK11_GetTokenInfo
SECMOD_DestroyModule
SECMOD_GetDefaultModuleListLock
SECMOD_GetReadLock
SECMOD_GetDefaultModuleList
SECMOD_GetDeadModuleList
SECMOD_ReleaseReadLock
PK11_GetSlotName
PK11_GetTokenName
SECMOD_UpdateModule
SECMOD_LoadModule
SECMOD_GetModuleSpecList
SECMOD_DeleteModule
SECMOD_PubCipherFlagstoInternal
SECMOD_PubMechFlagstoInternal
SECMOD_AddNewModuleEx
PK11_IsFIPS
SECMOD_GetInternalModule
SECMOD_DeleteInternalModule
NSS_Shutdown
NSS_Initialize

libplc4

PL_strncasecmp
PL_strcasestr
PL_strcasecmp

libnspr4

PR_GetEnv
PR_Seek
PR_Write
PR_Close
PR_snprintf
PR_Realloc
PR_Open
PR_GetSystemInfo
PR_NewProcessAttr
PR_CreateProcess
PR_WaitProcess
PR_DestroyProcessAttr
PR_MkDir
PR_Access
PR_GetFileInfo
PR_OpenDir
PR_ReadDir
PR_CloseDir
PR_RmDir
PR_Delete
PR_vsmprintf
PR_NewLock
PR_Lock
PR_Unlock
PR_GetErrorTextLength
PR_GetErrorText
PR_Malloc
PR_Free
PR_smprintf_free
PR_Init
PR_smprintf
PR_Cleanup
PR_Read
PR_GetSpecialFD
PR_fprintf

msvcr90

_isatty
_fileno
_getch
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
fflush
vfprintf
memcpy
fwrite
__iob_func
fprintf
free
strtol
strpbrk
sprintf
malloc
memset
printf
strchr
strrchr
strtok
exit
strncmp
fgets

kernel32

QueryPerformanceCounter
Sleep
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d1c110c6fd01d9faf03947596064714c

Headers

DLL Characteristics

File Characteristics

Imports

nssutil3

smime3

nss3

libplc4

libnspr4

msvcr90

kernel32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 21KB - Virtual size: 24KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 21KB - Virtual size: 24KB