59396531525b669c957d51edafdd9dc357befda175f1027ba2baaf80d20ddd69

Sharing

Copy URL Twitter E-mail

General

Target

59396531525b669c957d51edafdd9dc357befda175f1027ba2baaf80d20ddd69
Size

391KB
MD5

bff7fddc566e95ffe2073f900b9bf4e4
SHA1

ffadf8a2c242b084eecb7c405ae9b3c27853d1bc
SHA256

59396531525b669c957d51edafdd9dc357befda175f1027ba2baaf80d20ddd69
SHA512

ccbfa8fbfb0e7f9f25b4081b58b8f0287a48d86ab3bef9a87dad01cb6b1ad75bf6fe0dd0a21838f71d9c962a30ab36dd196c6827ccc16bb4069a9d6ac8ee512d
SSDEEP

6144:Irr/a2eXrGw+yCIp11ej42DtV2AYXJ2XoH6I3gobNSuC4J4:Irr/qqwhCIpTQ4lb2W9dC4J4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59396531525b669c957d51edafdd9dc357befda175f1027ba2baaf80d20ddd69

Files

59396531525b669c957d51edafdd9dc357befda175f1027ba2baaf80d20ddd69
.dll windows x86

66e78bf7d69bdd6325645d2f50ee516a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

PL_ArenaAllocate
PL_ArenaRelease
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_strcasecmp
PL_strlen
PR_CallOnce
PR_Calloc
PR_DestroyLock
PR_Free
PR_GetThreadPrivate
PR_Lock
PR_NewLock
PR_NewThreadPrivateIndex
PR_SetThreadPrivate
PR_Unlock

api-ms-win-crt-private-l1-1-0

memcmp
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-string-l1-1-0

memset
strlen
strncmp

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
_close
_open
_write
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fram
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66e78bf7d69bdd6325645d2f50ee516a

Headers

DLL Characteristics

File Characteristics

Imports

nss3

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

kernel32

advapi32

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 269KB - Virtual size: 269KB

.buildid Size: 512B - Virtual size: 169B

.data Size: 18KB - Virtual size: 18KB

.eh_fram Size: 15KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 23KB - Virtual size: 23KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 269KB - Virtual size: 269KB

.buildid
Size: 512B - Virtual size: 169B

.data
Size: 18KB - Virtual size: 18KB

.eh_fram
Size: 15KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 23KB - Virtual size: 23KB