PyInit_secret_one
Static task
static1
Behavioral task
behavioral1
Sample
d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e.dll
Resource
win10v2004-20230915-en
General
Target
d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e
Size
14.5MB
MD5
10654286fdff48eac774034715ffb1a1
SHA1
ab60884c61616236b296adc52393a1ef013b97ca
SHA256
d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e
SHA512
9369c0849f0f8f27491e51bf3a68f7f415bd01b2799fbe4d1c12ea438fb8d5debaa529ac5692fa3e594c76aa5aa10992b3bd89b681aae6d89593349827a70f2e
SSDEEP
196608:XlMzkKPyTr+DUAda8BjtOyQXopdHNtcfp2vsndiVLFhq+ULuiYl+pZuQXW9q35Sf:CV88Bg2pdz+BUV0uioOpXWsVZxfH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e
Files
d8e183532c9c7c24c49b80556704a59bd86756d2e89921b5d3fe39f4f010026e.dll windows:6 windows x64
7d5d1ecfa42628d00bd5fd82d36d6f6c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
python39
PyUnicode_DecodeUTF8
kernel32
WriteConsoleW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
Exports
Sections
.text Size: - Virtual size: 928KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
. IQ Size: - Virtual size: 9.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.hEq Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.+D] Size: 14.5MB - Virtual size: 14.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ