blast_parser_2019041501[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

blast_parser_2019041501.exe
Size

7.2MB
MD5

f9b5fc1fd5786332eef2b52ab1ee0490
SHA1

25f19aec2c863d028bcc7ae883b19101cac79e6f
SHA256

f75fe6d497a44f5e7536ddc168994b98df0bd257d186944fd7ea4c0108033a43
SHA512

452be24f8599beab17a1e0841d99705f5649603f6d224f926676b1617daeb86e7cac9096fc3dea9cdc63df344b51d0dc728c14621e778171acfa38820d9fad55
SSDEEP

98304:tREb2p994+m5Bgw6c7Rx1Q+ngcHniwdQBYanb:pp994+gTdHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
blast_parser_2019041501.exe

Files

blast_parser_2019041501.exe
.exe windows x86

82a8ea622a1fa89d05d2eda1c15b9080

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveFileSpecW
PathRemoveFileSpecA

shell32

CommandLineToArgvW

python37

Py_DontWriteBytecodeFlag
Py_NoUserSiteDirectory
Py_UTF8Mode
PyImport_FrozenModules
PyObject_RichCompare
PyObject_GC_UnTrack
PyObject_GC_Del
PyErr_SetString
PyErr_BadArgument
PyObject_Repr
PyObject_ClearWeakRefs
PyMem_Malloc
_PyObject_GC_Resize
_PyObject_GC_Malloc
PyDict_Next
PyModule_GetDict
PyObject_GetIter
PyIter_Next
PyDict_Type
PyObject_RichCompareBool
PyObject_GetAttrString
PyObject_GetAttr
PyObject_GenericSetAttr
PyCallable_Check
PyArg_ParseTuple
PyArg_UnpackTuple
_PyArg_NoKeywords
PyEval_GetFuncName
PyObject_CallFunctionObjArgs
PyObject_IsInstance
PyMethod_Type
PyObject_SelfIter
_PyGen_FetchStopIterationValue
PyErr_SetNone
PyErr_SetObject
PyErr_ExceptionMatches
PyException_SetCause
_PyErr_FormatFromCause
PyEval_EvalFrameEx
PyObject_Call
PyObject_CallObject
PyObject_CallMethodObjArgs
PyTraceBack_Type
PyGen_Type
PyCoro_Type
PyAsyncGen_Type
PyExc_StopAsyncIteration
PyExc_GeneratorExit
Py_BuildValue
PyEval_GetFrame
PyFrame_GetLineNumber
_PyGen_SetStopIterationValue
_PyAsyncGenWrappedValue_Type
PyCode_New
PyObject_SetAttr
PyObject_Hash
PyMem_Realloc
PyObject_Malloc
PyObject_Realloc
PyObject_Free
_PyObject_New
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyBytes_FromStringAndSize
_PyBytes_Resize
PyUnicode_New
_PyUnicode_Ready
PyUnicode_FromStringAndSize
PyUnicode_FromKindAndData
PyUnicode_AsUnicode
PyUnicode_InternInPlace
Py_FrozenFlag
PyUnicode_FromOrdinal
PyUnicode_Concat
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_FromString
PyLong_FromUnicodeObject
PyFloat_FromDouble
_PyFloat_Unpack8
PyTuple_SetItem
PyList_New
PyDict_SetItemString
PySet_New
PyFrozenSet_New
PyModule_GetName
PyModule_GetFilenameObject
PyErr_NoMemory
PyErr_Print
PyObject_Size
PyObject_GetBuffer
PyBuffer_Release
PyNumber_Add
PyNumber_Subtract
PyNumber_FloorDivide
PyNumber_Negative
PyNumber_Index
PyNumber_InPlaceAdd
PyNumber_ToBase
PySequence_InPlaceConcat
PyMapping_Check
PyEval_EvalCode
PyEval_EvalCodeEx
PyFrame_New
PyType_Type
PyBaseObject_Type
PySuper_Type
PyByteArray_Type
_PyByteArray_empty_string
PyBytes_Type
PyLong_Type
PyBool_Type
PyFloat_Type
PyComplex_Type
PyRange_Type
PyTuple_Type
PySet_Type
PyFrozenSet_Type
PyModule_Type
_Py_EllipsisObject
PySlice_Type
PyCallIter_Type
PyExc_ImportError
PyExc_OverflowError
PyCode_Type
PyFrame_Type
PyObject_SetAttrString
PyCFunction_NewEx
PyArg_ParseTupleAndKeywords
Py_CompileStringExFlags
PyImport_ExecCodeModuleEx
PyObject_HasAttr
PyList_SetItem
PyList_Insert
PyList_Append
PyModule_New
PyModule_GetDef
PyOS_snprintf
PyModule_AddObject
PyModule_ExecDef
PyModule_FromDefAndSpec2
PySys_WriteStderr
PyImport_ImportFrozenModule
_PyImport_FixupExtensionObject
PyMarshal_ReadObjectFromString
PyModuleDef_Type
_Py_PackageContext
Py_IgnoreEnvironmentFlag
Py_BytesWarningFlag
Py_NoSiteFlag
Py_OptimizeFlag
Py_InspectFlag
Py_InteractiveFlag
Py_VerboseFlag
Py_DebugFlag
PyImport_ImportModule
PySys_SetPath
PySys_SetArgv
PySys_GetObject
Py_SetPath
Py_Exit
Py_Initialize
Py_SetPythonHome
PyErr_PrintEx
PyStructSequence_SetItem
_PyWarnings_Init
PyDict_DelItem
PyUnicode_AsUTF8
_Py_CheckRecursionLimit
PyExc_SystemError
PyExc_AttributeError
PyFunction_Type
PyCFunction_Type
_Py_CheckRecursiveCall
PyDict_GetItem
PyObject_GenericGetAttr
_PyType_Lookup
PyType_Ready
PySys_SetObject
PyStructSequence_New
PyStructSequence_InitType
PyCapsule_New
_PyDict_NewPresized
PyExc_ValueError
PyExc_TypeError
PyExc_RuntimeError
PyExc_NameError
PyExc_IndexError
PyExc_AssertionError
PyExc_StopIteration
PyExc_BaseException
PySeqIter_Type
PyList_Type
_Py_TrueStruct
_Py_FalseStruct
PyUnicode_Type
_Py_NotImplementedStruct
_Py_NoneStruct
PyObject_IsSubclass
PySequence_GetItem
PySequence_Check
PyNumber_AsSsize_t
PyObject_SetItem
PyImport_GetModuleDict
PyEval_AcquireThread
PyEval_ThreadsInitialized
PyEval_SaveThread
Py_MakePendingCalls
PyModule_Create2
PyErr_WriteUnraisable
PyErr_Format
PyException_SetContext
PyException_GetContext
PyException_GetTraceback
PyException_SetTraceback
PyErr_NormalizeException
PyErr_GivenExceptionMatches
PySlice_New
PyThreadState_Get
PyDict_SetItem
PyDict_New
PyTuple_Size
PyTuple_New
PyLong_FromSsize_t
PyLong_FromUnsignedLong
PyLong_FromLong
PyUnicode_Find
PyUnicode_FromFormat
PyUnicode_GetLength
PyUnicode_Substring
PyUnicode_FromString
PyObject_GC_Track
_PyObject_GC_New
PyType_IsSubtype
PyUnicode_FromWideChar

kernel32

WriteConsoleW
LoadResource
CreateFileW
LockResource
FindResourceA
CloseHandle
DecodePointer
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
GetProcessHeap
LCMapStringW
CompareStringW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
HeapFree
MultiByteToWideChar
HeapAlloc
GetCommandLineA
GetModuleHandleExW
ExitProcess
WriteFile
GetStdHandle
RaiseException
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwind
SetDllDirectoryW
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FormatMessageA
LoadLibraryExW
GetProcAddress
SetErrorMode
GetLastError
WideCharToMultiByte
GetModuleFileNameW
GetShortPathNameW
GetCommandLineW

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82a8ea622a1fa89d05d2eda1c15b9080

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

shell32

python37

kernel32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 6.9MB - Virtual size: 6.9MB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 6.9MB - Virtual size: 6.9MB

.reloc
Size: 14KB - Virtual size: 13KB