7d65f6eef1f474a21ec34e576e149905

Sharing

Copy URL

Twitter E-mail

General

Target

7d65f6eef1f474a21ec34e576e149905
Size

320KB
MD5

7d65f6eef1f474a21ec34e576e149905
SHA1

c827eb4cb09555303c4ff00af0ad231a05ffae42
SHA256

5dae1996f6ff085109ca134a5d056a5e7d1b5ef2515d0c3e29967e4b99b57ad9
SHA512

29fa1ecdcfd6b33b59003bc27012750d7f2642ea0767ada499885485695367dbb32563f101a9e9944c057d9e80d7118be1c75ae38f98d17cd6cff61fcadf66ae
SSDEEP

6144:/7caUycODMMScqyJNjuGZzfTYRtRDE3ABjqDPQf7rMhoHzb8MUCixk3wORy/XM3C:DUTYMUDxodyM3iaciy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d65f6eef1f474a21ec34e576e149905

Files

7d65f6eef1f474a21ec34e576e149905
.dll windows:4 windows x86 arch:x86

e2a3421466fee38113395ef930c13228

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BUILD_~1\jdk6_22\control\build\WINDOW~1\tmp\deploy\plugin\npjp2\obj\npjp2.pdb

Imports

user32

GetWindowLongA
SetWindowLongA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
TranslateMessage
PeekMessageA
DispatchMessageA
RemovePropA
SetPropA
GetParent
GetPropA
IsWindow
CallNextHookEx

gdi32

DeleteEnhMetaFile
StretchDIBits
GetDeviceCaps
GetObjectType
CreateEnhMetaFileA
CloseEnhMetaFile
PlayEnhMetaFile

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyA

msvcr71

__CppXcptFilter
_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
_splitpath
_except_handler3
free
sprintf
strncpy
??3@YAXPAX@Z
??2@YAPAXI@Z
getenv
_vsnprintf
_snprintf
_stat
_mbsicmp
_mbsrchr
_strdup
memset
__security_error_handler
__CxxFrameHandler

kernel32

lstrlenW
DisableThreadLibraryCalls
GetLastError
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
GetShortPathNameA
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
CreateFileA
GetSystemTimeAsFileTime
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
MultiByteToWideChar
CloseHandle
GetCurrentThreadId
GetTickCount
WaitForSingleObject
LoadLibraryA
GetProcAddress
FreeLibrary
AllocConsole
GetStdHandle
WriteConsoleA
GetLongPathNameA

ole32

CoTaskMemFree
StringFromCLSID

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown
_Java_sun_plugin2_main_server_MozillaPlugin_allocateNPObject@20
_Java_sun_plugin2_main_server_MozillaPlugin_allocateNPObjectForJavaNameSpace@20
_Java_sun_plugin2_main_server_MozillaPlugin_allocateVariantArray@12
_Java_sun_plugin2_main_server_MozillaPlugin_freeVariantArray@20
_Java_sun_plugin2_main_server_MozillaPlugin_getAuthentication0@36
_Java_sun_plugin2_main_server_MozillaPlugin_getCookie0@20
_Java_sun_plugin2_main_server_MozillaPlugin_getProxy0@20
_Java_sun_plugin2_main_server_MozillaPlugin_initServiceManager@8
_Java_sun_plugin2_main_server_MozillaPlugin_invokeLater0@20
_Java_sun_plugin2_main_server_MozillaPlugin_javaScriptGetWindow0@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnEvaluate@36
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetIntIdentifier@12
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetProperty@40
_Java_sun_plugin2_main_server_MozillaPlugin_npnGetStringIdentifier@12
_Java_sun_plugin2_main_server_MozillaPlugin_npnHasMethod@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnHasProperty@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnIdentifierIsString@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnIntFromIdentifier@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnInvoke@52
_Java_sun_plugin2_main_server_MozillaPlugin_npnReleaseObject@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnRemoveProperty@32
_Java_sun_plugin2_main_server_MozillaPlugin_npnRetainObject@16
_Java_sun_plugin2_main_server_MozillaPlugin_npnSetException@20
_Java_sun_plugin2_main_server_MozillaPlugin_npnSetProperty@40
_Java_sun_plugin2_main_server_MozillaPlugin_npnUTF8FromIdentifier@16
_Java_sun_plugin2_main_server_MozillaPlugin_setCookie0@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIB@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIC@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JID@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIF@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JII@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIJ@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JILjava_lang_String_2@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIS@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElement0__JIZ@24
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElementToScriptingObject0@28
_Java_sun_plugin2_main_server_MozillaPlugin_setVariantArrayElementToVoid0@20
_Java_sun_plugin2_main_server_MozillaPlugin_showDocument0@24
_Java_sun_plugin2_main_server_MozillaPlugin_showStatus0@20
_Java_sun_plugin2_main_server_MozillaPlugin_variantArrayElementToObject0@28
_Java_sun_plugin2_main_server_ServerPrintHelper_isPrinterDC0@16
_Java_sun_plugin2_main_server_ServerPrintHelper_printBand0@56
_Java_sun_plugin2_main_server_WindowsHelper_installModalFilterHook@20
_Java_sun_plugin2_main_server_WindowsHelper_installMouseHook@20
_Java_sun_plugin2_main_server_WindowsHelper_runMessagePump0@28
_Java_sun_plugin2_main_server_WindowsHelper_uninstallHook@24

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2a3421466fee38113395ef930c13228

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

advapi32

msvcr71

kernel32

ole32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 20KB

.rsrc Size: 28KB - Virtual size: 26KB

.reloc Size: 4KB - Virtual size: 1KB

.text Size: 252KB - Virtual size: 252KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 20KB

.rsrc
Size: 28KB - Virtual size: 26KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 252KB - Virtual size: 252KB