059456ccc66f2e0b1a97c5251c673805fa081632d80c0a301a674cee4035f3b4

Sharing

Copy URL Twitter E-mail

General

Target

059456ccc66f2e0b1a97c5251c673805fa081632d80c0a301a674cee4035f3b4
Size

140KB
MD5

094b8a902a8f90bbf2839c4c3058e0b9
SHA1

bd7eb370af2bf64ef2477f27d7137dd53c0298c4
SHA256

059456ccc66f2e0b1a97c5251c673805fa081632d80c0a301a674cee4035f3b4
SHA512

5a68b3d722ffcffe7f2ed47de1495d7b00d5edf1e61e5d6c9f3b988be99d72eadf9e1e592ce040dc38e03518b92b74526a3669af1dff540225f356281bb25fb8
SSDEEP

3072:OkjheDwUp83mxS8es3fsdNfNnRflbw2FMIPQcSp:thyQLMkNRF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
059456ccc66f2e0b1a97c5251c673805fa081632d80c0a301a674cee4035f3b4

Files

059456ccc66f2e0b1a97c5251c673805fa081632d80c0a301a674cee4035f3b4
.dll windows x86

bb431740582d51932930e065d126a621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python311_d

PyErr_Format
PyThread_allocate_lock
PyThread_free_lock
PyThread_acquire_lock
PyThread_release_lock
PyModule_AddType
_PyArg_NoKeywords
_PyArg_NoPositional
_PyArg_BadArgument
_PyArg_CheckPositional
_PyArg_UnpackKeywords
PyEval_SaveThread
PyEval_RestoreThread
_PyNumber_Index
_Py_RefTotal
PyExc_EOFError
PyExc_OSError
PyExc_MemoryError
PyExc_RuntimeError
PyExc_SystemError
PyExc_ValueError
PyMem_Malloc
PyErr_Occurred
PyErr_SetString
PyErr_SetNone
PyModuleDef_Init
PyModule_GetState
PyList_Append
PyList_New
PyErr_NoMemory
PyMem_Realloc
PyMem_Free
PyMem_RawMalloc
PyMem_RawFree
PyObject_GetBuffer
PyBuffer_IsContiguous
PyBuffer_Release
PyType_GenericNew
PyType_FromModuleAndSpec
_Py_NegativeRefcount
_Py_Dealloc
PyBytes_FromStringAndSize
PyLong_AsSsize_t
_PyLong_AsInt

vcruntime140d

_except_handler4_common
memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
memmove
memcpy

ucrtbased

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_fdopen
_fileno
_setmode
ferror
ungetc
fwrite
fread
fopen
fgetc
fflush
fclose
exit
malloc
free
__stdio_common_vfprintf
__acrt_iob_func
_wassert
isdigit

kernel32

GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Exports

Exports

PyInit__bz2

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb431740582d51932930e065d126a621

Headers

DLL Characteristics

File Characteristics

Imports

python311_d

vcruntime140d

ucrtbased

kernel32

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 3KB

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 3KB

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB