python[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

python.exe
Size

326KB
MD5

b2e367c6898a19bdb7e3a2964282c9d8
SHA1

0c4facc89b78b4b7aa3c8233512e42a3ad1b9942
SHA256

a0fa7e9b5c6734869c7a92761dac887d43b8e9068d936f4b3c28b4650691210e
SHA512

0731278ff0d15f817fba0befdf5cb1f24d0c6587fac8a5395e3a3ebad1a570e458aa866dd7047e5fce521e717e29297a41b497a93c8d808970dd124fad88473d
SSDEEP

6144:FM1VmhXdxhmGrHuni29vKHnS0Lg32+7HLQLY1:QuhRFHLc2+7HLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
python.exe

Files

python.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ