71a47f506202308131c19b745d1b8db5ad89edee1961b0211c51e64dce5eb3c7

Sharing

Copy URL

Twitter E-mail

General

Target

71a47f506202308131c19b745d1b8db5ad89edee1961b0211c51e64dce5eb3c7
Size

25KB
MD5

a0b4e1063b617fe74d4e1a66eea05758
SHA1

5c9aad99165ba432a00a4999e7b5bef9458fb21e
SHA256

71a47f506202308131c19b745d1b8db5ad89edee1961b0211c51e64dce5eb3c7
SHA512

d9f6c4af71c8513f661bd9a4107feb15d40e4a39c7d1d67a6eacf409d2f33ebeaf9afe0fda58267f9d78e52fa178ddd0e74f23f6437594d74b29248774d7c6d4
SSDEEP

768:LW9aR5R75TjP/xoUAIpd+o7uMnm9YV1hCksJ0IiIPCG2Y:S9aR5RBPJmmVHCk+0IiIPCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71a47f506202308131c19b745d1b8db5ad89edee1961b0211c51e64dce5eb3c7

Files

71a47f506202308131c19b745d1b8db5ad89edee1961b0211c51e64dce5eb3c7
.dll windows x86

b5b49331ddcb011108795b561104f82a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cabinet

ord10
ord14
ord11
ord13

msi

ord125
ord163
ord167
ord121
ord48
ord151
ord8
ord160
ord17
ord116
ord158
ord20
ord118
ord32
ord152
ord159
ord149
ord153
ord166
ord77
ord123
ord92
ord148
ord115
ord170

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileW
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime

python311

PyLong_AsUnsignedLongMask
PyArg_ParseTuple
PyUnicode_FromString
_PyObject_CallMethodId
PyMem_RawFree
_PyLong_AsInt
PyExc_TypeError
_PyObject_New
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyErr_NoMemory
PyMem_Free
PyObject_GenericSetAttr
PyErr_Clear
PyErr_NewException
PyUnicode_AsWideCharString
PyLong_AsLong
PyModule_AddObject
PyErr_ExceptionMatches
PyObject_Free
PyModule_Create2
_Py_Dealloc
PyLong_Type
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyUnicode_FromWideChar
_PyArg_BadArgument
_Py_NoneStruct
PyMem_RawMalloc
PyExc_MemoryError
PyLong_FromLong
_PyUnicode_AsUnicode
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyErr_Occurred
PyBytes_AsString
_PyArg_CheckPositional
PyModule_AddIntConstant

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_write
_read
_close
_wopen
_lseek
_tempnam

api-ms-win-crt-filesystem-l1-1-0

_wremove

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

free
malloc

Exports

Exports

PyInit__msi

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5b49331ddcb011108795b561104f82a

Headers

DLL Characteristics

File Characteristics

Imports

cabinet

msi

rpcrt4

kernel32

python311

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB