ba29626431f4562039b89ace7ad30cabe44523bbdf31f4fdb850619d9a1d574c

Sharing

Copy URL Twitter E-mail

General

Target

ba29626431f4562039b89ace7ad30cabe44523bbdf31f4fdb850619d9a1d574c
Size

67KB
MD5

72e522d1e4074c9336db04e24af58ebe
SHA1

16c86934eab4eca49646f64fe8fcc6a61bf4fc46
SHA256

ba29626431f4562039b89ace7ad30cabe44523bbdf31f4fdb850619d9a1d574c
SHA512

e952ad7180c55b7314f8008814d4d7dc3e285c1df21693c83c789cb0948c50aa4fb992ba62ba31c75e79db6de6563e26044d8f3c6733191f0b4ec9c5adacbe47
SSDEEP

1536:mkN4S0hPglsjrfr8eN2gq8R9g0ISILCVXe:mKUIlsH12gtR9nnILCVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba29626431f4562039b89ace7ad30cabe44523bbdf31f4fdb850619d9a1d574c

Files

ba29626431f4562039b89ace7ad30cabe44523bbdf31f4fdb850619d9a1d574c
.dll windows x86

209f792a70d3ea0efbb13fe84a8372f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python310

PyMem_RawFree
PyExc_SystemError
PyModule_GetState
PyBuffer_Release
_PyLong_AsInt
PyMem_Malloc
PyMem_Realloc
PyType_FromModuleAndSpec
PyBytes_FromStringAndSize
PyEval_RestoreThread
PyExc_OSError
PyErr_NoMemory
PyMem_Free
PyThread_free_lock
PyList_Append
PyExc_EOFError
PyList_New
PyObject_GetBuffer
PyThread_release_lock
_Py_Dealloc
_PyNumber_Index
PyModuleDef_Init
PyErr_Format
PyExc_ValueError
PyModule_AddType
_PyArg_UnpackKeywords
PyErr_SetString
_PyArg_BadArgument
PyThread_acquire_lock
_PyArg_NoPositional
PyMem_RawMalloc
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew

vcruntime140

memmove
memcpy
memset
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_cexit
_execute_onexit_table
_configure_narrow_argv
exit

api-ms-win-crt-heap-l1-1-0

malloc
free

kernel32

GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess

Exports

Exports

PyInit__bz2

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

209f792a70d3ea0efbb13fe84a8372f5

Headers

DLL Characteristics

File Characteristics

Imports

python310

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB