353a2f935025de83a0e46ad4319c5fb0f43db28216a2db77813fdc2e2de753c5

Sharing

Copy URL Twitter E-mail

General

Target

353a2f935025de83a0e46ad4319c5fb0f43db28216a2db77813fdc2e2de753c5
Size

42KB
MD5

6bb6e0841221021b452fc19a3d310afb
SHA1

f8d6c5ad2b87f26985a0c613c8d4304c094a4770
SHA256

353a2f935025de83a0e46ad4319c5fb0f43db28216a2db77813fdc2e2de753c5
SHA512

42ffc78177a7640685b371c6ec1a4fdeb7eaa46a93c1da6bcb90a15168202652c66ce82ac22dad180ee956dfed531ca410dd6fe3d1ca3926e9bcb7ac7bf17ab3
SSDEEP

768:jTO/ESvNj3WhmLV9S+c5GzzBO0IQIPPs:jTOHvNj3mIV9NSGzzBO0IQIPPs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353a2f935025de83a0e46ad4319c5fb0f43db28216a2db77813fdc2e2de753c5

Files

353a2f935025de83a0e46ad4319c5fb0f43db28216a2db77813fdc2e2de753c5
.dll windows x86

fc74b5c93ef180c0911519035f5467a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python311_d

PyModule_AddObject
PyModule_Create2
_PyEval_EvalFrameDefault
_Py_GetErrorHandler
_Py_DecodeLocaleEx
_Py_EncodeLocaleEx
_Py_normpath
_Py_hashtable_compare_direct
_Py_hashtable_new
_Py_hashtable_destroy
_Py_hashtable_clear
_Py_hashtable_foreach
_Py_hashtable_set
_PyInterpreterState_SetEvalFrameFunc
_PyArg_ParseTuple_SizeT
_PyConfig_AsDict
_PyConfig_FromDict
_Py_Get_Getpath_CodeObject
_Py_GetConfigsAsDict
_PyPathConfig_ClearGlobal
_Py_UTF8_Edit_Cost
_Py_RefTotal
_Py_NoneStruct
PyExc_AssertionError
PyExc_RuntimeError
PyExc_TypeError
PyExc_ValueError
_PyRuntime
PyInterpreterState_Get
PyErr_Format
PyErr_NoMemory
PyErr_SetString
_PyInterpreterState_SetConfig
_Py_hashtable_steal
_PyInterpreterState_GetConfigCopy
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyList_Append
PyLong_FromSsize_t
PyLong_FromLong
PyUnicode_AsWideCharString
PyUnicode_FromWideChar
PyUnicode_FromString
PyBytes_FromString
_Py_Dealloc
_Py_NegativeRefcount
PyMem_RawFree
_Py_hashtable_get
PyMem_Free

vcruntime140d

memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
_except_handler4_common

ucrtbased

_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
terminate
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_wassert
_initialize_onexit_table

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess

Exports

Exports

PyInit__testinternalcapi

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc74b5c93ef180c0911519035f5467a9

Headers

DLL Characteristics

File Characteristics

Imports

python311_d

vcruntime140d

ucrtbased

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB