2964ca5d3a8c7bf3da0ba7ce33ce3f7cf0afcc53230f58518c086626fcdebb20

Sharing

Copy URL Twitter E-mail

General

Target

2964ca5d3a8c7bf3da0ba7ce33ce3f7cf0afcc53230f58518c086626fcdebb20
Size

23KB
MD5

901171bc5ecba584f9ae12135c8aa7dc
SHA1

c7b99cbcb6555368513e524ace39a68c09287f1a
SHA256

2964ca5d3a8c7bf3da0ba7ce33ce3f7cf0afcc53230f58518c086626fcdebb20
SHA512

c1be629a009184b77974b24fb6f601e8d329db2811fc2eae3d099c6b813dc1de53e7e5449d8e6b93d42e3726ea5234351904620a0bd946776f40e7fb480df92b
SSDEEP

384:K4190BdaudwS0Y6K6pDldPZAzrkkPMyF8pB55LlYtBTlgquuJKPKw9yPXM:K5cv9ZAzoGlF8p3/EETJCiE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2964ca5d3a8c7bf3da0ba7ce33ce3f7cf0afcc53230f58518c086626fcdebb20

Files

2964ca5d3a8c7bf3da0ba7ce33ce3f7cf0afcc53230f58518c086626fcdebb20
.dll windows:6 windows x64 arch:x64

d57b9f4b443b7b382cb1725117d83558

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

sdl2

SDL_SetColorKey
SDL_FreeSurface
SDL_CreateRGBSurface
SDL_GetError

sdl2_ttf

TTF_FontAscent
TTF_SetFontScriptName
TTF_Linked_Version
TTF_RenderUTF8_Shaded
TTF_FontLineSkip
TTF_SetFontStyle
TTF_OpenFontRW
TTF_FontDescent
TTF_FontHeight
TTF_Init
TTF_SizeText
TTF_SizeUTF8
TTF_CloseFont
TTF_GetFontStyle
TTF_GlyphMetrics
TTF_Quit
TTF_RenderUTF8_Solid
TTF_RenderUTF8_Blended

python311

PyObject_IsTrue
PyUnicode_FromString
PyUnicode_CompareWithASCIIString
PyArg_ParseTuple
PyEval_RestoreThread
PyUnicode_AsEncodedString
PyCapsule_Type
PyExc_TypeError
PyUnicode_FromEncodedObject
PyArg_ParseTupleAndKeywords
PyObject_CallMethod
PyUnicode_AsUTF16String
PyCapsule_New
PyList_Append
PyObject_GetAttrString
PyType_Ready
PyModule_Create2
PyList_New
PyObject_ClearWeakRefs
PyModule_AddObject
PyCapsule_GetPointer
PyErr_ExceptionMatches
_Py_Dealloc
PyErr_Format
PyExc_ValueError
PyObject_CallFunction
PyErr_SetString
PyExc_AttributeError
_Py_NoneStruct
PyBytes_AsStringAndSize
PyExc_MemoryError
Py_BuildValue
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyErr_Occurred
PyImport_ImportModule
PyType_GenericNew
PyModule_AddIntConstant
PyBool_FromLong
PyErr_Clear

kernel32

RtlCaptureContext
IsDebuggerPresent
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_execute_onexit_table
_cexit
_initialize_onexit_table

Exports

Exports

PyInit_font

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d57b9f4b443b7b382cb1725117d83558

Headers

DLL Characteristics

File Characteristics

Imports

sdl2

sdl2_ttf

python311

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 1024B - Virtual size: 912B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 240B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 1024B - Virtual size: 912B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 240B