calculator[.]pyd

Sharing

Copy URL Twitter E-mail

General

Target

calculator.pyd
Size

92KB
MD5

86e3f5dc1d5750b01208fc5ef029f339
SHA1

01011a6e5a4badb1f9da6ed30a61247e86444ca8
SHA256

a567a5aa222aab4099da6609453cbab40abffa5d344113fa37594d2abf4fda2f
SHA512

8f57c56c2750eb597936b5f3883ae7015390f484af75aa43e754ed13eb2f956a5964346b5b21fea2c509d5de4d0dc8e9d872e96e7e93fd4161815f1513c8a5a8
SSDEEP

1536:tLKNqH/RyhKPwmdrnjzdygau9TkRhdNoLt9nWzEmtGcUq6PBrEZ4g:MN1hR8fxLau9zBtUGcUxPeZ4

Score

1^/10

Malware Config

Signatures

Files

calculator.pyd
.dll windows x64

82e0dd9af8fb4371edef689297d0dd46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

python311

PySequence_Contains
PyDict_SetItemString
PyDict_Size
PyExc_AttributeError
PyTuple_GetSlice
PyUnicode_New
PyErr_SetString
PyIter_Next
PyObject_GetIter
PyNumber_Add
PyExc_ValueError
PyDict_Next
PyErr_Format
PyDict_Type
PyObject_RichCompare
PyTuple_Type
_Py_FalseStruct
PyImport_GetModule
PyFloat_Type
PyModule_NewObject
PyMethod_Type
PyLong_Type
PyType_IsSubtype
PyErr_Restore
PyExc_OverflowError
_Py_Dealloc
PyTuple_GetItem
PyImport_GetModuleDict
PyModule_GetDict
PyObject_Format
PyObject_Free
PyErr_ExceptionMatches
PyObject_GC_Del
PyErr_Fetch
PyDescr_IsData
PyObject_ClearWeakRefs
PyObject_Not
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyVectorcall_Function
PyList_New
PySlice_New
PyImport_AddModule
PyType_Ready
PyObject_GetAttrString
PyErr_Clear
PyTuple_New
PyUnicode_Decode
PyException_SetTraceback
_PyObject_GenericGetAttrWithDict
PyDict_SetItem
PyDict_New
PyUnicode_Type
_PyDict_GetItem_KnownHash
PyMem_Free
PyExc_StopIteration
PyList_Type
PyErr_NoMemory
PyDict_GetItemString
PyObject_GetItem
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyNumber_Long
PyUnicode_Compare
PyExc_TypeError
PyMem_Realloc
PyObject_IsTrue
PyDict_Copy
PyExc_NameError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
Py_EnterRecursiveCall
PyExc_ImportError
_Py_TrueStruct
PyExc_SystemError
_PyUnicode_FastCopyCharacters
PyObject_SetItem
_PyObject_GC_New
PyMethodDescr_Type
PyUnicode_FromString
_PyType_Lookup
PyObject_Size
PyObject_Call
PyType_Type
PyUnicode_FromStringAndSize
_PyObject_GetDictPtr
_Py_NoneStruct
PyModule_GetName
PyObject_GetAttr
Py_GetVersion
PyInterpreterState_GetID
PyDict_GetItemWithError
PyUnicode_Concat
PyObject_Hash
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyMethod_New
PyExc_RuntimeError
_PyThreadState_UncheckedGet
PyList_SetSlice
PyTraceBack_Here
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModuleLevelObject
Py_LeaveRecursiveCall
PyExc_KeyError
_PyDict_SetItem_KnownHash
PyFrame_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyObject_Malloc
PyErr_GivenExceptionMatches
PyCode_NewEmpty
PyErr_SetObject
PyException_GetTraceback
PyExc_Exception
PyThreadState_Get
PyOS_snprintf
PyCFunction_Type
PyUnicode_InternFromString
PyObject_SetAttr
PyList_Append
PyBaseObject_Type

kernel32

DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
strrchr
__std_type_info_destroy_list
memset
memcpy
memcmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit

Exports

Exports

PyInit_calculator

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82e0dd9af8fb4371edef689297d0dd46

Headers

DLL Characteristics

File Characteristics

Imports

python311

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 6KB - Virtual size: 9KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 724B

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 6KB - Virtual size: 9KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 724B