967103d44ec50c1f66089e7117d27214464ab57bf74ba007ab62b871961c42b8

Sharing

Copy URL Twitter E-mail

General

Target

967103d44ec50c1f66089e7117d27214464ab57bf74ba007ab62b871961c42b8
Size

13KB
MD5

3639db7b33dd00b7526e530639ca0429
SHA1

615d86ce465c15286055f2109d36d06548a75601
SHA256

967103d44ec50c1f66089e7117d27214464ab57bf74ba007ab62b871961c42b8
SHA512

39d83be6afcda3843096fcf992454b1157b13f50ac5375b20700e0c400ab1cdfa90f35c06210e3c446da37350ede253a98dc8949db85ff81c1af471025324d1c
SSDEEP

192:KVq3leUPdE00AboP0nl6Hwal1BOPVcqgGc:KVel5L0ilYRzOPrgG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
967103d44ec50c1f66089e7117d27214464ab57bf74ba007ab62b871961c42b8

Files

967103d44ec50c1f66089e7117d27214464ab57bf74ba007ab62b871961c42b8
.dll windows:6 windows x64 arch:x64

fd34452e03c33c8178748df8290d30f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

sdl2

SDL_UnlockSurface
SDL_LockSurface
SDL_GetError

python311

PyWeakref_NewRef
PyExc_RuntimeError
_Py_NoneStruct
PyWeakref_GetObject
PyList_Size
PyErr_SetString
PySequence_DelItem
_Py_Dealloc
PyObject_Free
PyModule_AddObject
PyObject_ClearWeakRefs
PyList_New
PyModule_Create2
PyType_Ready
PyList_Append
PyCapsule_New
PyList_GetItem
_PyObject_New

kernel32

IsProcessorFeaturePresent
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
RtlCaptureContext

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_execute_onexit_table
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table
_cexit
_configure_narrow_argv

Exports

Exports

PyInit_surflock

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd34452e03c33c8178748df8290d30f2

Headers

DLL Characteristics

File Characteristics

Imports

sdl2

python311

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 552B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 60B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 552B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 60B