607298d89677665b9dc07ad8382a58385bb1b6bba18861d45fd57d379b747817

Sharing

Copy URL

Twitter E-mail

General

Target

607298d89677665b9dc07ad8382a58385bb1b6bba18861d45fd57d379b747817
Size

21KB
MD5

47227871e686553f6549e1fa649f5230
SHA1

1e55448d280147cedb98b3a00705dd6bd973479a
SHA256

607298d89677665b9dc07ad8382a58385bb1b6bba18861d45fd57d379b747817
SHA512

4b5f16b1513c76ba3eac3cb0a11344e5aa5e4f8f21daa46e2858ef34041347314d7ec6f2b6c2c68f1517ac3abdbed029b7fa8ef6e5997579be2264dbaaa99d32
SSDEEP

192:RJuG19J3/wjSG/4xncX85XsqPXnnnLSBIwl3X3PVR6yzsTx+jMp8H0o8q5Eync0u:WgT3/R66ciPbCvnPV5sEMun1ulPYPL+3

Score

N/A

Malware Config

Signatures

Files

607298d89677665b9dc07ad8382a58385bb1b6bba18861d45fd57d379b747817
.dll windows x86

d98c7f68fe260a940d9df8665835e2c6

Code Sign

38:eb:0e:a1:4f:6a:36:8f:2a:9f:72:79:73:e2:37:ff:ec:b3:64:5b
Signer

Actual PE Digest

38:eb:0e:a1:4f:6a:36:8f:2a:9f:72:79:73:e2:37:ff:ec:b3:64:5b

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01-01-0001 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nspr4

PR_SetError
PR_Calloc
PR_GetSpecialFD
PR_ErrorToName
PR_fprintf
PR_GetOSError
PR_GetError
PR_Malloc
PR_Free

mozglue

malloc
free
frex

msvcr100

strstr
strpbrk
strrchr
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
strchr
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
strncmp
_malloc_crt
memcpy

kernel32

GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
EncodePointer
InterlockedExchange
Sleep
DecodePointer

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d98c7f68fe260a940d9df8665835e2c6

Code Sign

38:eb:0e:a1:4f:6a:36:8f:2a:9f:72:79:73:e2:37:ff:ec:b3:64:5bSigner

Signature Validations

Verification

01-01-0001 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

nspr4

mozglue

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 936B

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 1024B - Virtual size: 596B

38:eb:0e:a1:4f:6a:36:8f:2a:9f:72:79:73:e2:37:ff:ec:b3:64:5b
Signer

01-01-0001 00:00
Valid: false

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 936B

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 1024B - Virtual size: 596B