72fe6ddaf5247f7691e4c3e2719c8731339e7c7eff4b7dc6b77c783c4a949be3

Sharing

Copy URL Twitter E-mail

General

Target

72fe6ddaf5247f7691e4c3e2719c8731339e7c7eff4b7dc6b77c783c4a949be3
Size

183KB
MD5

c036609a9c891ac46ce34d8acb15c590
SHA1

59c14b3de38e3ab4460277f902bbd2e209b65276
SHA256

72fe6ddaf5247f7691e4c3e2719c8731339e7c7eff4b7dc6b77c783c4a949be3
SHA512

078f5071a6f17a80dd66e8dfeab6d49618575ffd141a4effd1767ed22c920f2f91d4af9a2048a6e1a6d0b825dcfefc102c92fd778080bcd73065d07cc1441aa3
SSDEEP

3072:Lxg4r4/hmOomJ/B/anfRHU086zfoj9AU1uqax7c3pJMWlXgFGcvfekvIPOqJKvWZ:LFr4hL/aHU0rjc9A2uqaxY3XMW5gMcvc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72fe6ddaf5247f7691e4c3e2719c8731339e7c7eff4b7dc6b77c783c4a949be3

Files

72fe6ddaf5247f7691e4c3e2719c8731339e7c7eff4b7dc6b77c783c4a949be3
.dll windows x86

9122d8f141781794640439b66cf3551e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python311

PyList_GetItem
_PyUnicode_IsWhitespace
PyObject_CallMethod
PyObject_IsInstance
PyMem_Free
PyErr_NoMemory
PyObject_CallObject
PyComplex_Type
_Py_NotImplementedStruct
PyUnicode_Compare
PyArg_ParseTupleAndKeywords
_PyObject_New
PyExc_TypeError
PyMem_Realloc
PyErr_Format
PyUnicode_AsUTF8String
PyTuple_Pack
PyObject_HashNotImplemented
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
_Py_TrueStruct
PyUnicode_FromString
PyDict_New
PyUnicode_CompareWithASCIIString
PyType_Type
PyArg_ParseTuple
PyContextVar_New
PyFloat_FromString
zeus_abort
PyLong_FromUnsignedLong
PyExc_ValueError
PyContextVar_Set
PyObject_CallFunction
PyExc_ZeroDivisionError
PyErr_SetString
PyUnicode_FromWideChar
PyList_Size
PyUnicode_New
PyExc_AttributeError
PyDict_SetItem
_Py_HashPointer
PyObject_GenericSetAttr
_PyLong_New
PyTuple_Size
PyList_Append
PyErr_Clear
PyErr_NewException
_PyUnicode_ToDecimalDigit
PyObject_GetAttrString
PyFloat_FromDouble
PyType_Ready
PyModule_Create2
PyDict_Size
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyList_New
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CallFunctionObjArgs
PyModule_AddObject
PyComplex_AsCComplex
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyLong_Type
PyFloat_Type
_Py_FalseStruct
PyFloat_AsDouble
PyTuple_Type
PyModule_AddStringConstant
_PyLong_GCD
PyExc_ArithmeticError
PyComplex_FromDoubles
PyDict_GetItemWithError
Py_BuildValue
PyContextVar_Get
PyLong_FromLong
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
_Py_ascii_whitespace
PyType_GenericNew
PyModule_AddIntConstant
PyBool_FromLong
PyErr_SetObject
PyUnicode_InternFromString
PyObject_IsTrue
PyBaseObject_Type

vcruntime140

__std_type_info_destroy_list
memmove
memcpy
strchr
memset
_except_handler4_common

api-ms-win-crt-convert-l1-1-0

strtol
mbstowcs

api-ms-win-crt-math-l1-1-0

_dclass
copysign
ceil
_libm_sse2_log10_precise

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
__control87_2
_errno

api-ms-win-crt-string-l1-1-0

tolower
isupper
isdigit

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
free

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter

Exports

Exports

PyInit__decimal

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9122d8f141781794640439b66cf3551e

Headers

DLL Characteristics

File Characteristics

Imports

python311

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 7KB - Virtual size: 7KB