NL7Data0011[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

NL7Data0011.dll
Size

7.0MB
MD5

058c095b1a2bd7fdfb802c458f507247
SHA1

db0387f64ba2b95a4de8192ae303cdfa81d91b80
SHA256

a8f8112a5b87342d01620127b4d7883c8ef0a24470a12dcd23f35afa9d6f64fb
SHA512

106354fe49816e0b9563cadc0f1a279f9a2482e788edcd29ce2839ca0938c0095d401b7177ca69a4ac9e1df483435bbb5fafd675ea4b7b2ae3a5c2aa6e5bf6d1
SSDEEP

49152:qD73YttlPjFOMCXznWqD3Z3AwWX/XK8rr8dZZXwFZShu:qD734JOM6RADpr4LObShu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NL7Data0011.dll

Files

NL7Data0011.dll
.dll windows:6 windows x86 arch:x86

0d46ab1094a0d429938a7c61e6e11982

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

NL7Data0011.pdb

Imports

msvcrt

_except_handler4_common
?terminate@@YAXXZ
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_wfopen_s
fclose
fseek
ftell
fread
_wsplitpath_s
_itow_s
wcsncmp
atoi
_itoa_s
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
?name@type_info@@QBEPBDXZ
??8type_info@@QBEHABV0@@Z
tolower
iswctype
??0exception@@QAE@XZ
toupper
_isctype
__iob_func
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
memcpy_s
__CxxFrameHandler3
memcpy
memset
strerror
setlocale
___lc_handle_func
___lc_codepage_func
__pctype_func
isupper
__crtLCMapStringA
calloc
islower
abort
_resetstkoflw
towlower
towupper
realloc
_fileno
_isatty
strncmp
_iob
iswspace
wcsncat_s
swscanf_s
wcsncpy_s
wcschr
_vsnwprintf
??0exception@@QAE@ABV0@@Z
_purecall
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
memmove
free
malloc
_CIexp
_CIlog
_ftol2
_ftol2_sse

kernel32

MultiByteToWideChar
UnhandledExceptionFilter
Sleep
GetTimeZoneInformation
GetLocalTime
GetProcAddress
DisableThreadLibraryCalls
FindResourceW
InitializeCriticalSection
DecodePointer
EncodePointer
SetEndOfFile
GetLocaleInfoA
ReadFile
GetFileInformationByHandle
WideCharToMultiByte
GetModuleFileNameW
FormatMessageW
WriteFile
SetFilePointer
FlushFileBuffers
LoadResource
LockResource
SizeofResource
CreateFileW
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
LocalFree
LoadLibraryExW
InitializeSRWLock
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetLastError
InitializeCriticalSectionAndSpinCount
SetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileSize
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
SetUnhandledExceptionFilter

oleaut32

VariantClear
VariantChangeType
SysFreeString
VariantCopy
SysStringByteLen
SysAllocString
SysAllocStringByteLen
CreateErrorInfo
SetErrorInfo
VariantInit

Exports

Exports

LangDataCall

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d46ab1094a0d429938a7c61e6e11982

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.data Size: 50KB - Virtual size: 68KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3.8MB - Virtual size: 3.8MB

.reloc Size: 57KB - Virtual size: 57KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 50KB - Virtual size: 68KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

.reloc
Size: 57KB - Virtual size: 57KB