f2fec9ef2babf1c17b844d99768fd510N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

f2fec9ef2babf1c17b844d99768fd510N.exe
Size

156KB
MD5

f2fec9ef2babf1c17b844d99768fd510
SHA1

0afcde148c3ece08c1bdca168a644728fe34eb07
SHA256

9688d8482047b87dc3a8aa931352743ba15fa9bf582d69cb7efc63b3ec263d93
SHA512

826782b1e8a44264b487267363005a192888dddd6fa4914639d6c025f1bb856e89ce46684b79b35a8f53ace30867b66dfed3ef93defa1bd3320d826dd8dc44b4
SSDEEP

3072:36pebvnuqOfllgnZ+57/xR2mHBW6HvcHauaaoFZMltHYILcTqOIOW:36Q72lgc86HGCYzL0qO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2fec9ef2babf1c17b844d99768fd510N.exe

Files

f2fec9ef2babf1c17b844d99768fd510N.exe
.dll windows:5 windows x64 arch:x64

f8fda5901053e092b109e5a68de84513

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\builds\moz2_slave\cen-w64-ntly\build\obj-firefox\browser\components\build\browsercomps.pdb

Imports

xpcom

NS_UTF16ToCString
NS_CStringContainerFinish
NS_StringContainerFinish
NS_StringGetData
NS_StringContainerInit
NS_CStringSetDataRange
NS_CStringSetData
NS_GetServiceManager
NS_GetComponentManager
NS_CStringGetMutableData
NS_StringGetMutableData
NS_StringSetData
NS_Realloc
NS_StringCloneData
NS_CStringCloneData
NS_CStringContainerInit
NS_Free
NS_NewLocalFile
NS_StringContainerInit2
NS_StringSetDataRange
NS_CStringToUTF16
NS_StringCopy
NS_NewNativeLocalFile
NS_CStringCopy
NS_CStringGetData
NS_CStringContainerInit2

xul

?Release@gfxASurface@@QEAAKXZ

mozalloc

moz_free
moz_xrealloc
moz_malloc
moz_realloc
moz_xmalloc

nspr4

PR_NewLock
PR_Now
PR_sscanf
PR_StringToNetAddr
PR_ImplodeTime
PR_Read
PR_Free
PR_Malloc
PR_SetError
PR_Calloc
PR_Lock
PR_Close
PR_GetError
PR_DestroyLock
PR_Unlock

plc4

PL_strcasecmp
PL_strcmp
PL_strlen
PL_strncpy
PL_strcpy
PL_strdup

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
RtlVirtualUnwind
RtlLookupFunctionEntry
GetWindowsDirectoryA
ExpandEnvironmentStringsW
GetProcAddress
FileTimeToSystemTime
LoadLibraryW
CloseHandle
GetLongPathNameW
GetModuleFileNameW
CreateProcessW
GetEnvironmentVariableW
RtlCaptureContext
GetSystemTimeAsFileTime

user32

GetSysColor
ReleaseDC
SystemParametersInfoW
SetSysColors
GetDC

gdi32

EnumFontFamiliesExW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance

mozcrt19

_wfopen
_snprintf
memcmp
strlen
fclose
fseek
fwrite
fread
fopen
_errno
fflush
_stat64i32
wcslen
wcstol
wcsncpy
sscanf
wcscat
swscanf
_mktime64
memmove
memcpy
memset
sprintf
strcmp
__C_specific_handler
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_initterm
_initterm_e
free
_encoded_null
_amsg_exit
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
ftell

oleaut32

SysFreeString
SysAllocString

Exports

Exports

NSModule

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8fda5901053e092b109e5a68de84513

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

xpcom

xul

mozalloc

nspr4

plc4

kernel32

user32

gdi32

advapi32

ole32

mozcrt19

oleaut32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 7KB - Virtual size: 9KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 7KB - Virtual size: 9KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 2KB - Virtual size: 1KB