softokn3[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

softokn3.dll
Size

240KB
MD5

4d71885b3864fb27f2ef9f837ff2f1d9
SHA1

c0f7f89d85b862a3e5c53ddadd9fe9cf99046267
SHA256

6d815af6fd9b791ec9184945991bbaec16166c8443d2f3d4cec76eb8137b1ffb
SHA512

bdb4d1ed13bf2bfa8c1ee4f89693f774c8b7fd4ca5b54995235f5baff224eeff8f31996e994f6a9f4616f018afb89b4a9280282b9bb1e9308d01935ad6e9efb3
SSDEEP

6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xn7:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
softokn3.dll

Files

softokn3.dll
.dll windows:6 windows x86 arch:x86

32ef7516974ac0c43943c0635266c6fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

softokn3.pdb

Imports

nss3

DER_Encode_Util
DER_GetInteger_Util
DER_SetUInteger
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_SecureMemcmp
PL_CompareValues
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRemove
PL_NewHashTable
PL_strcasecmp
PL_strncasecmp
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_Realloc_Util
PORT_SetError_Util
PORT_Strdup_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
PR_Access
PR_CallOnce
PR_DestroyLock
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_FindFunctionSymbol
PR_Free
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnv
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_IntervalNow
PR_LoadLibraryWithFlags
PR_Lock
PR_MillisecondsToInterval
PR_NewLock
PR_NewMonitor
PR_Now
PR_SecondsToInterval
PR_Sleep
PR_UnloadLibrary
PR_Unlock
PR_smprintf
PR_smprintf_free
PR_snprintf
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_QuickDERDecodeItem_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo
sqlite3_bind_blob
sqlite3_bind_int
sqlite3_bind_text
sqlite3_busy_timeout
sqlite3_close
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_int
sqlite3_column_text
sqlite3_exec
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_mprintf
sqlite3_open_v2
sqlite3_prepare_v2
sqlite3_reset
sqlite3_step

kernel32

DisableThreadLibraryCalls
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTempPathA
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
memcmp
memcpy
memset
strrchr

api-ms-win-crt-runtime-l1-1-0

_cexit
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-filesystem-l1-1-0

_wchmod

api-ms-win-crt-convert-l1-1-0

atoi
strtoul

api-ms-win-crt-heap-l1-1-0

free
malloc
realloc

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

islower
isupper
strcmp
strcpy
strlen

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

C_GetFunctionList
C_GetInterface
C_GetInterfaceList
FC_GetFunctionList
FC_GetInterface
FC_GetInterfaceList
NSC_GetFunctionList
NSC_GetInterface
NSC_GetInterfaceList
NSC_ModuleDBFunc

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32ef7516974ac0c43943c0635266c6fd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

nss3

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

Exports

Exports

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 2KB - Virtual size: 2KB

.00cfg Size: 512B - Virtual size: 4B

.rsrc Size: 1024B - Virtual size: 896B

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 2KB - Virtual size: 2KB

.00cfg
Size: 512B - Virtual size: 4B

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 13KB - Virtual size: 13KB