5b5fc3605f2897669e58e2721857dbaad4c1dfaddb92a831d5eb8a6e64ea2e5c

Sharing

Copy URL Twitter E-mail

General

Target

5b5fc3605f2897669e58e2721857dbaad4c1dfaddb92a831d5eb8a6e64ea2e5c
Size

25KB
MD5

f8654c72c47c1d97cecb1beadee2328a
SHA1

a200a4f51924533612fdd716ad9f74c9933058a4
SHA256

5b5fc3605f2897669e58e2721857dbaad4c1dfaddb92a831d5eb8a6e64ea2e5c
SHA512

3a7624554e3624722ba5e4a6f44a7f1783ce34226a7225a8c3a53f71cef3e18d189e96546e952c75cc6a1252f6a9e314504bd63f0ea23e3f1fa74638de9bf3ff
SSDEEP

768:7W9aV5VjpTjP/xoUAIpd+o7uMnm9YV1w5cJ0ISILCGaY:C9aV5VJPJmmVK5u0ISILCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b5fc3605f2897669e58e2721857dbaad4c1dfaddb92a831d5eb8a6e64ea2e5c

Files

5b5fc3605f2897669e58e2721857dbaad4c1dfaddb92a831d5eb8a6e64ea2e5c
.dll windows x86

28149e7d5471f87dd52fb9995babf948

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cabinet

ord10
ord14
ord11
ord13

msi

ord125
ord163
ord167
ord121
ord48
ord151
ord8
ord160
ord17
ord116
ord158
ord20
ord118
ord32
ord152
ord159
ord149
ord153
ord166
ord77
ord123
ord92
ord148
ord115
ord170

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileW
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

python310

PyLong_AsUnsignedLongMask
PyArg_ParseTuple
PyUnicode_FromString
_PyObject_CallMethodId
PyMem_RawFree
_PyLong_AsInt
PyExc_TypeError
_PyObject_New
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyErr_NoMemory
PyMem_Free
PyObject_GenericSetAttr
PyErr_Clear
PyErr_NewException
PyUnicode_AsWideCharString
PyLong_AsLong
PyModule_AddObject
PyErr_ExceptionMatches
PyObject_Free
PyModule_Create2
_Py_Dealloc
PyLong_Type
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyUnicode_FromWideChar
_PyArg_BadArgument
_Py_NoneStruct
PyMem_RawMalloc
PyExc_MemoryError
PyLong_FromLong
_PyUnicode_AsUnicode
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyErr_Occurred
PyBytes_AsString
_PyArg_CheckPositional
PyModule_AddIntConstant

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_write
_read
_close
_wopen
_lseek
_tempnam

api-ms-win-crt-filesystem-l1-1-0

_wremove

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
malloc

Exports

Exports

PyInit__msi

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28149e7d5471f87dd52fb9995babf948

Headers

DLL Characteristics

File Characteristics

Imports

cabinet

msi

rpcrt4

kernel32

python310

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB