FirefoxData[.]7z

Resubmissions

12-08-2024 13:45

240812-q2s5gatdll 10

12-08-2024 13:42

240812-qzqxbsxfph 3

Sharing

Copy URL

Twitter E-mail

General

Target

FirefoxData.7z
Size

944KB
MD5

195bc61de58bfb5cbd1b0784df29c23d
SHA1

1ac31ee9ffafcc8e5f62cac6f0462f2637dbf1c1
SHA256

6df25ecde5a1bb916916fbecc018fec4555316530ae9e6d21394c51642fe87f8
SHA512

ca7895f7f886b0a01448048af674903eb15e9d34a60556f5173b90f9855155b55188b666d54060c24c682509e781cda62ca5b69ce3746f22ddffda103e13bada
SSDEEP

24576:oGWMy/NM2ml1KFpDaPyqidJdNlD78cbhM+Tv/8T:Lyl1mla5aw/rlD73bhMK/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/FirefoxData.dll

Files

FirefoxData.7z
.7z

Password: infected
FirefoxData.dll
.dll windows:6 windows x86 arch:x86

Password: infected

7b5d177b063b76d3393869008338136a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msdia140.pdb

Imports

kernel32

SetLastError
FindResourceExW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
LocalAlloc
LocalFree
GetModuleFileNameW
GetLastError
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
LCMapStringW
UnmapViewOfFile
CloseHandle
EnterCriticalSection
LeaveCriticalSection
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
GetFileSizeEx
RaiseException
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
GetFullPathNameW
GetFullPathNameA
SetStdHandle
GetFileType
SetFilePointerEx
ReadFile
GetConsoleMode
ReadConsoleW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
WideCharToMultiByte
GetACP
HeapFree
HeapAlloc
GetStdHandle
GetStringTypeW
GetDriveTypeW
WriteFile
CompareStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetCurrentDirectoryW
HeapSize
HeapReAlloc
WriteConsoleW
SetEndOfFile
DecodePointer
GetFileAttributesW
SetFileAttributesW
VirtualAlloc
VirtualFree
DeleteFileW
DeviceIoControl
ExpandEnvironmentStringsW
MapViewOfFileEx

Exports

Exports

AlphaBlend
AlphaBlend
AlphaBlend
TransparentBlt
VSDllRegisterServer
VSDllUnregisterServer

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

7b5d177b063b76d3393869008338136a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 9KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 944KB - Virtual size: 943KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 9KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 944KB - Virtual size: 943KB