5f7a7e3e840e089273d285e966b389d679d494546098ce817cb4bc8d6c6548b7

Sharing

Copy URL Twitter E-mail

General

Target

5f7a7e3e840e089273d285e966b389d679d494546098ce817cb4bc8d6c6548b7
Size

276KB
MD5

1fbcab969cb245fd1b837db0fd328f00
SHA1

f9658b99224907223011cba0061e1d7ca2549eae
SHA256

5f7a7e3e840e089273d285e966b389d679d494546098ce817cb4bc8d6c6548b7
SHA512

94ea06988ec4d704685f9b84539f8d76ca0c1384d3eadc38d21b0bdac6a1535b95a82fa33b6366e2733a384c56705b1740ce48e69037daa6abfde8236235ff3d
SSDEEP

6144:4YuvdewZTQt0nKpM3mJNiL1xkN/1s3UGvQT6D:GdewZ8t0KOmSL159

Score

N/A

Malware Config

Signatures

Files

5f7a7e3e840e089273d285e966b389d679d494546098ce817cb4bc8d6c6548b7
.dll windows x86

956a1dcfcc9cbc8611a276dcb5f2af7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nspr4

PR_ExplodeTime
PR_GMTParameters
PR_snprintf
PR_AtomicIncrement
PR_AtomicDecrement
PR_ImplodeTime

xpcom

NS_CStringToUTF16
NS_StringCopy
NS_StringGetData
NS_StringSetDataRange
NS_Free
NS_CStringGetIsVoid
NS_CStringSetIsVoid
NS_StringContainerInit2
NS_StringContainerFinish
NS_CStringCopy
NS_CStringSetData
NS_CStringGetData
NS_CStringContainerInit2
NS_CStringContainerFinish
NS_CStringContainerInit
NS_Alloc
NS_CStringGetMutableData
NS_GetServiceManager
NS_GetComponentManager
NS_StringContainerInit

js3250

JS_DefineUCProperty
js_NewDateObject
js_NewDateObjectMsec
js_DateGetMsecSinceEpoch
JS_GetStringLength
JS_GetStringChars
js_DateIsValid

kernel32

InterlockedDecrement
CreateFileA
ReadFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
MultiByteToWideChar
RtlUnwind
InitializeCriticalSection
LoadLibraryA
SetStdHandle
CloseHandle
HeapSize
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
WriteFile
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapReAlloc
GetCurrentProcess
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

Exports

Exports

NSGetModule

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

956a1dcfcc9cbc8611a276dcb5f2af7f

Headers

DLL Characteristics

File Characteristics

Imports

nspr4

xpcom

js3250

kernel32

Exports

Exports

Sections

.text Size: 133KB - Virtual size: 133KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 74KB - Virtual size: 80KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 133KB - Virtual size: 133KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 74KB - Virtual size: 80KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 10KB - Virtual size: 9KB