NL7Data0011[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

NL7Data0011.dll
Size

7.0MB
MD5

82dfdfc5b083ee87436fcea43e58954b
SHA1

d224cb24d9b7c10b32abddc6b17722746b94e087
SHA256

f59382d827fca4d255d9c3933a53d6c11bb78b6573b9769da5cc5c9897389dae
SHA512

57d73b4cef7ae2dc54a920359310f9058d6be023681d408cd288c77030657e2a9a0fa77af705037d87841791d2fca0dac3ed0a8e23e02fbbb0e8508df98ac3f1
SSDEEP

49152:ED73YttlTjwWcOAjNuOSc93Z3AwWX/XK8rr8dZZXwFZShuE:ED734IWPCRADpr4LObShu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NL7Data0011.dll

Files

NL7Data0011.dll
.dll windows:6 windows x86 arch:x86

0d46ab1094a0d429938a7c61e6e11982

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

NL7Data0011.pdb

Imports

msvcrt

_except_handler4_common
?terminate@@YAXXZ
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_wfopen_s
fclose
fseek
ftell
fread
_wsplitpath_s
_itow_s
wcsncmp
atoi
_itoa_s
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
?name@type_info@@QBEPBDXZ
??8type_info@@QBEHABV0@@Z
tolower
iswctype
??0exception@@QAE@XZ
toupper
_isctype
__iob_func
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
memcpy_s
__CxxFrameHandler3
memcpy
memset
strerror
setlocale
___lc_handle_func
___lc_codepage_func
__pctype_func
isupper
__crtLCMapStringA
calloc
islower
abort
_resetstkoflw
towlower
towupper
realloc
_fileno
_isatty
strncmp
_iob
iswspace
wcsncat_s
swscanf_s
wcsncpy_s
wcschr
_vsnwprintf
??0exception@@QAE@ABV0@@Z
_purecall
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
memmove
free
malloc
_CIexp
_CIlog
_ftol2
_ftol2_sse

kernel32

MultiByteToWideChar
UnhandledExceptionFilter
Sleep
GetTimeZoneInformation
GetLocalTime
GetProcAddress
DisableThreadLibraryCalls
FindResourceW
InitializeCriticalSection
DecodePointer
EncodePointer
SetEndOfFile
GetLocaleInfoA
ReadFile
GetFileInformationByHandle
WideCharToMultiByte
GetModuleFileNameW
FormatMessageW
WriteFile
SetFilePointer
FlushFileBuffers
LoadResource
LockResource
SizeofResource
CreateFileW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
LocalFree
LoadLibraryExW
InitializeSRWLock
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetLastError
InitializeCriticalSectionAndSpinCount
SetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileSize
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetUnhandledExceptionFilter

oleaut32

VariantClear
VariantChangeType
SysFreeString
VariantCopy
SysStringByteLen
SysAllocString
SysAllocStringByteLen
CreateErrorInfo
SetErrorInfo
VariantInit

Exports

Exports

LangDataCall

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d46ab1094a0d429938a7c61e6e11982

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.data Size: 50KB - Virtual size: 68KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3.8MB - Virtual size: 3.8MB

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 50KB - Virtual size: 68KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 34KB - Virtual size: 33KB