3446e32df4d20c263df8634e3eb9be6ec53281d7ce0e2aa7ea7497cf0dd24f85

Sharing

Copy URL Twitter E-mail

General

Target

3446e32df4d20c263df8634e3eb9be6ec53281d7ce0e2aa7ea7497cf0dd24f85
Size

69KB
MD5

c1caf166a43d687fb8fdbf12d6c01ee8
SHA1

0e01a85bd1f87de69c7522456de85003eaf42c0a
SHA256

3446e32df4d20c263df8634e3eb9be6ec53281d7ce0e2aa7ea7497cf0dd24f85
SHA512

18b83dbe30672c22e0e18873aa4a45516af30775a7e54c309b668c0e6d98f748f9ad6d2dba643979cae75c241b9c3fa22198b0ebbe27577b1616bdb910ec918a
SSDEEP

768:SOZJnkMIcv3Wnzea1rp1lNjPKEtD9OvHLRu108FvzxHdekdz+vIHu8M1/o6G6WM6:zkMknialJD9aLQzxXdLG7GTM7KObHOF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3446e32df4d20c263df8634e3eb9be6ec53281d7ce0e2aa7ea7497cf0dd24f85

Files

3446e32df4d20c263df8634e3eb9be6ec53281d7ce0e2aa7ea7497cf0dd24f85
.dll windows:6 windows x64 arch:x64

670520f409d82bc38bd380230bec68d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadAffinityMask
GetCurrentThread
EnterCriticalSection
GetCurrentProcess
GetProcessAffinityMask
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThreadId
Sleep
LoadLibraryA
GetVersionExA
QueryPerformanceFrequency
GetProcAddress
DeleteCriticalSection
FreeLibrary
GetSystemTimeAsFileTime
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

python3

PyExc_NameError
PyExc_IndexError
PyExc_ImportError
Py_CompileString
PyList_SetItem
PyErr_Print
PyUnicode_GetLength
PyUnicode_FromString
PyUnicode_DecodeLocale
PySys_WriteStdout
PyExc_TypeError
PyExc_NotImplementedError
PyUnicode_DecodeLatin1
PyExc_OSError
PyDict_GetItemString
PyTuple_SetItem
PyEval_GetGlobals
PyList_GetItem
PyBytes_Size
PyEval_GetLocals
PyTuple_Size
PyErr_Clear
PyObject_GetAttrString
PyExc_EnvironmentError
PyExc_SyntaxError
PyModule_Create2
PyList_New
PyLong_AsLong
PyCapsule_GetPointer
PyTuple_GetItem
_Py_Dealloc
PyType_IsSubtype
PyErr_SetFromErrno
PyBool_Type
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyList_Size
PyExc_AttributeError
PyFloat_FromDouble
PyDict_SetItemString
PyTuple_New
PyCapsule_Type
_Py_NoneStruct
PyFloat_AsDouble
PyUnicode_AsLatin1String
PyUnicode_DecodeMBCS
PyErr_SetFromWindowsErr
PyExc_MemoryError
PyErr_SetNone
PyExc_RuntimeError
PyType_GetFlags
PyEval_GetFuncName
PyErr_Occurred
PyBytes_AsString
PyImport_ImportModule
PyEval_GetFuncDesc
PyExc_Exception
PyExc_BufferError
PyEval_EvalCode
PyDict_New

vcruntime140

__std_type_info_destroy_list
memset
longjmp
__C_specific_handler
__intrinsic_setjmp

api-ms-win-crt-string-l1-1-0

tolower
strtok
strncmp
strcmp
_strdup

api-ms-win-crt-stdio-l1-1-0

fflush
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-heap-l1-1-0

calloc
free

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-environment-l1-1-0

_putenv_s
getenv

api-ms-win-crt-math-l1-1-0

floor
pow

api-ms-win-crt-runtime-l1-1-0

_errno
_initterm_e
_initialize_onexit_table
_execute_onexit_table
_cexit
_configure_narrow_argv
_initialize_narrow_environment
_seh_filter_dll
_initterm

Exports

Exports

PyInit_GetSecs

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

670520f409d82bc38bd380230bec68d3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

python3

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 3KB - Virtual size: 88KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 68B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 88KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 68B