eef415f22c61567907df025f315d1f3d58f3f911b4a0a100eab69c842ae8c6e9

Sharing

Copy URL Twitter E-mail

General

Target

eef415f22c61567907df025f315d1f3d58f3f911b4a0a100eab69c842ae8c6e9
Size

183KB
MD5

087d4d7bbb13dae0aa05032e2b74d148
SHA1

013538c31dfd33c01edf42c9e232213df99a6e76
SHA256

eef415f22c61567907df025f315d1f3d58f3f911b4a0a100eab69c842ae8c6e9
SHA512

779f363bbee3503850d3a1d9ca2e9446d113fce8053669bb53e2274a061ac149a0d7cd584f71991fd961b467d29367771be56b0f7a611241194c88635b78e420
SSDEEP

3072:9CD6E6FVsR1BgScuRdX4YrSA0YCYIAaWpb+Y1Lt832HMHzTCUKkcUh+CV:9rE6WgS1oYrSA009aWpbI3mi/NKkcU

Score

N/A

Malware Config

Signatures

Files

eef415f22c61567907df025f315d1f3d58f3f911b4a0a100eab69c842ae8c6e9
.dll windows x86

4bbfcec8661569c1eef07a4099b66e19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

xpcom

NS_Alloc
NS_StringContainerInit
NS_StringCopy
NS_StringContainerFinish

kernel32

TlsAlloc
InterlockedIncrement
InterlockedDecrement
LoadLibraryW
GetModuleFileNameW
lstrlenW
GetCurrentDirectoryW
GetProcAddress
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
RtlUnwind
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsSetValue
TlsFree
SetLastError
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
VirtualAlloc

user32

LoadStringW
SystemParametersInfoW
MessageBoxW

shell32

ShellExecuteW

ole32

CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysAllocStringByteLen
VariantInit
VarBstrCmp
SysStringByteLen
SysFreeString

nspr4

PR_AtomicIncrement
PR_AtomicDecrement

Exports

Exports

NSGetModule

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bbfcec8661569c1eef07a4099b66e19

Headers

File Characteristics

Imports

xpcom

kernel32

user32

shell32

ole32

oleaut32

nspr4

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 6KB - Virtual size: 5KB