a470a04c88b01a2c23130e280ff064e0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a470a04c88b01a2c23130e280ff064e0N.exe
Size

12KB
MD5

a470a04c88b01a2c23130e280ff064e0
SHA1

4fec69c7e82b07a86224481bc04efae0f4778861
SHA256

b45993558f7fa70b3c78dc38c6a8524ab7b80ca6fbbd31557f03231c3cfc85dd
SHA512

4bc2b02c9d16edcc06e4d7f52115972e00b75c291b2c6fb5ed5771b5408c0a3dccde6b6baf8fd63b56f8d9139e96e68a59fc0537edd11c36d54cebedcf7e4993
SSDEEP

192:kckA0ZL9K7NSHKyPLBQtUkI3XoVlD65eO6r+qnZ:RD7OKOt7YVldr+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a470a04c88b01a2c23130e280ff064e0N.exe

Files

a470a04c88b01a2c23130e280ff064e0N.exe
.dll windows:4 windows x86 arch:x86

138cbdbf92c81c3d9e468dea48d46e30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\buildbot\win32-comm-central-nightly\build\objdir-tb\mozilla\xpcom\stub\xpcom.pdb

Imports

xul

NS_CStringContainerInit2_P
NS_CStringContainerFinish_P
NS_CStringGetData_P
NS_CStringGetMutableData_P
NS_CStringCloneData_P
NS_CStringSetData_P
NS_CStringSetDataRange_P
NS_CStringCopy_P
NS_CStringContainerInit_P
NS_CStringGetIsVoid_P
NS_CStringToUTF16_P
NS_UTF16ToCString_P
NS_CycleCollectorSuspect_P
NS_CycleCollectorForget_P
NS_CycleCollectorSuspect2_P
NS_CycleCollectorForget2_P
NS_StringSetIsVoid_P
NS_StringGetIsVoid_P
NS_StringCopy_P
NS_StringSetDataRange_P
NS_StringSetData_P
NS_StringCloneData_P
NS_StringGetMutableData_P
NS_StringGetData_P
NS_StringContainerFinish_P
NS_StringContainerInit2_P
NS_StringContainerInit_P
NS_InvokeByIndex_P
NS_DestroyXPTCallStub_P
NS_GetXPTCallStub_P
NS_LogCOMPtrRelease_P
NS_LogCOMPtrAddRef_P
NS_LogDtor_P
NS_LogCtor_P
NS_LogRelease_P
NS_LogAddRef_P
NS_LogInit_P
NS_LogTerm_P
NS_DebugBreak_P
NS_Free_P
NS_Realloc_P
NS_Alloc_P
NS_GetTraceRefcnt_P
NS_GetDebug_P
NS_NewNativeLocalFile_P
NS_NewLocalFile_P
NS_GetMemoryManager_P
NS_GetComponentRegistrar_P
NS_GetComponentManager_P
NS_GetServiceManager_P
NS_ShutdownXPCOM_P
NS_CStringSetIsVoid_P
NS_InitXPCOM2_P

mozcrt19

_crt_debugger_hook
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
memcpy
_except_handler4_common

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

NS_Alloc
NS_CStringCloneData
NS_CStringContainerFinish
NS_CStringContainerInit
NS_CStringContainerInit2
NS_CStringCopy
NS_CStringGetData
NS_CStringGetIsVoid
NS_CStringGetMutableData
NS_CStringSetData
NS_CStringSetDataRange
NS_CStringSetIsVoid
NS_CStringToUTF16
NS_CycleCollectorForget
NS_CycleCollectorForget2
NS_CycleCollectorSuspect
NS_CycleCollectorSuspect2
NS_DebugBreak
NS_DestroyXPTCallStub
NS_Free
NS_GetComponentManager
NS_GetComponentRegistrar
NS_GetDebug
NS_GetFrozenFunctions
NS_GetMemoryManager
NS_GetServiceManager
NS_GetTraceRefcnt
NS_GetXPTCallStub
NS_InitXPCOM2
NS_InvokeByIndex
NS_LogAddRef
NS_LogCOMPtrAddRef
NS_LogCOMPtrRelease
NS_LogCtor
NS_LogDtor
NS_LogInit
NS_LogRelease
NS_LogTerm
NS_NewLocalFile
NS_NewNativeLocalFile
NS_Realloc
NS_RegisterXPCOMExitRoutine
NS_ShutdownXPCOM
NS_StringCloneData
NS_StringContainerFinish
NS_StringContainerInit
NS_StringContainerInit2
NS_StringCopy
NS_StringGetData
NS_StringGetIsVoid
NS_StringGetMutableData
NS_StringSetData
NS_StringSetDataRange
NS_StringSetIsVoid
NS_UTF16ToCString
NS_UnregisterXPCOMExitRoutine

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

138cbdbf92c81c3d9e468dea48d46e30

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

xul

mozcrt19

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 1024B - Virtual size: 818B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 1024B - Virtual size: 818B