PDB path: C:\src\pywin32\build\temp.win-amd64-cpython-312\Release\win32api.pdb
Static task
static1
General
Target: win32api.pyd
Size: 130KB
MD5: 3a80fea23a007b42cef8e375fc73ad40
SHA1: 04319f7552ea968e2421c3936c3a9ee6f9cf30b2
SHA256: b70d69d25204381f19378e1bb35cc2b8c8430aa80a983f8d0e8e837050bb06ef
SHA512: a63bed03f05396b967858902e922b2fbfb4cf517712f91cfaa096ff0539cf300d6b9c659ffee6bf11c28e79e23115fd6b9c0b1aa95db1cbd4843487f060ccf40
SSDEEP: 3072:bPwB2zC1vwC3XetCf5RlRVFhLaNKPRyymoh5Lm9b0e:bIB2zkvwGXetCfDlRVlPRy85Lm9
Malware Config
Signatures
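Unsigned PE (1 IoC)
Checks for missing Authenticode signature. A missing signature is a weak signal on its own, since many legitimately built extension modules ship unsigned; confirm provenance by comparing the hashes in this report against a copy obtained from a trusted source.
Resource: win32api.pyd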
Files
win32api.pyd (tags: .dll windows:6 windows x64 arch:x64)
409a2c6c7728752ffdaf229681d7bcf1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
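Imports
Note: the import table shows which APIs the module links against, not which ones execute. The python312 imports and the PyInit_win32api export indicate a CPython extension module, so a broad set of input, registry and process APIs here is consistent with a wrapper that exposes Win32 calls to Python and should be weighed together with the file's provenance.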
user32
ChangeDisplaySettingsW
GetCursorPos
SetCursorPos
ShowCursor
RegisterWindowMessageW
PostQuitMessage
PostThreadMessageW
SetCursor
mouse_event
ClipCursor
LoadCursorW
WinHelpW
GetSysColor
LoadKeyboardLayoutW
GetKeyboardLayout
GetKeyboardLayoutList
SetClassWord
ExitWindowsEx
GetKeyboardLayoutNameW
VkKeyScanW
SetSysColors
MapVirtualKeyExW
VkKeyScanExA
GetAsyncKeyState
GetKeyboardState
LoadStringW
VkKeyScanA
GetWindowLongPtrW
SetClassLongPtrW
MessageBeep
GetSystemMetrics
SendMessageW
SetWindowWord
ToAsciiEx
SetWindowLongPtrW
MessageBoxExW
keybd_event
GetFocus
MapVirtualKeyW
GetKeyState
EnumDisplaySettingsW
VkKeyScanExW
PostMessageW
advapi32
InitiateSystemShutdownW
RegNotifyChangeKeyValue
RegGetKeySecurity
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
AbortSystemShutdownW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
GetUserNameW
OpenThreadToken
LookupAccountSidW
RegEnumValueW
RegQueryValueExW
RegSetValueW
GetTokenInformation
shell32
DragQueryFileW
ShellExecuteW
DragFinish
CommandLineToArgvW
FindExecutableW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
python312
PyExc_SystemError
PyLong_FromLong
Py_BuildValue
_Py_NoneStruct
PyExc_WindowsError
PyErr_SetString
PyExc_ValueError
PyErr_Format
_Py_Dealloc
PyUnicode_AsUTF8
PyList_New
PyList_Append
PyObject_GenericSetAttr
PyExc_NotImplementedError
PyArg_ParseTupleAndKeywords
_Py_NewReference
PyExc_TypeError
PyArg_ParseTuple
PyExc_Exception
PyErr_SetObject
PyBool_FromLong
_Py_BuildValue_SizeT
PyLong_AsUnsignedLong
PyModule_AddIntConstant
PyBytes_AsString
PySequence_GetItem
PyErr_Occurred
PyEval_SaveThread
PyList_SetSlice
PyExc_MemoryError
PyLong_FromUnsignedLongLong
PyGILState_Release
PyTuple_New
PyDict_SetItemString
PyList_Size
PyUnicode_FromWideChar
PyLong_FromUnsignedLong
_PyArg_ParseTupleAndKeywords_SizeT
PyTuple_GetItem
PyModule_GetDict
_PyArg_ParseTuple_SizeT
PyLong_AsLong
PyUnicode_AsWideCharString
PyModule_Create2
PyType_Ready
PyErr_Clear
PyTuple_Size
PySequence_Check
PyMem_Free
PyTuple_SetItem
PyErr_NoMemory
PyObject_CallObject
PyBytes_FromStringAndSize
PyEval_RestoreThread
PySys_WriteStderr
PyObject_Call
PyUnicode_GetLength
PyThreadState_Swap
PyErr_Print
PyObject_GenericGetAttr
PyMem_Malloc
PyCallable_Check
PyObject_IsTrue
PyObject_IsSubclass
PyGILState_Ensure
pywintypes312
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinThreadState_Ensure@@YAHXZ
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinThreadState_Free@@YAXXZ
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?len@PyWinBufferView@@QEAAKXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?ok@PyWinBufferView@@QEAA_NXZ
??1PyWinBufferView@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
?PyWinInterpreterLock_Acquire@@YAXXZ
kernel32
GetLogicalDrives
GetVolumeInformationW
SetConsoleCtrlHandler
SizeofResource
GetConsoleTitleW
GetEnvironmentVariableW
GetSystemPowerStatus
WriteProfileStringW
GetTempPathW
GetPrivateProfileSectionW
FindClose
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
SetThreadLocale
FindFirstFileW
SearchPathW
WritePrivateProfileStringW
CompareStringW
GetSystemDefaultLCID
SetLastError
GetProfileSectionW
SetLocalTime
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetStdHandle
EnumResourceTypesW
SetTimeZoneInformation
ExpandEnvironmentStringsW
GetShortPathNameW
GetDiskFreeSpaceW
GetPrivateProfileIntW
TerminateProcess
GetProfileIntW
GetUserDefaultLangID
GetModuleFileNameW
GetThreadLocale
SetEnvironmentVariableW
SetSystemTime
EnumResourceNamesW
GetStartupInfoW
DuplicateHandle
GetSystemDefaultLangID
FindFirstChangeNotificationW
OpenProcess
GetVersion
SetFileAttributesW
GetLogicalDriveStringsW
EndUpdateResourceW
GetPrivateProfileStringW
FormatMessageW
GetTimeZoneInformation
GetTickCount64
GetLastError
OutputDebugStringW
GetUserDefaultLCID
GetDiskFreeSpaceExW
GetCurrentThread
FindCloseChangeNotification
LockResource
DeleteFileW
CloseHandle
EnumResourceLanguagesW
GetSystemInfo
WriteProfileSectionW
LoadLibraryW
FindResourceExW
LoadResource
GetLocalTime
SetStdHandle
UpdateResourceW
FindNextChangeNotification
GetWindowsDirectoryW
Beep
GetProcAddress
LocalFree
GetTimeFormatW
MoveFileExW
GetComputerNameW
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
CopyFileW
GetProfileStringW
SleepEx
SetErrorMode
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualQuery
VirtualProtect
RaiseException
GenerateConsoleCtrlEvent
LoadLibraryExW
OpenThread
MoveFileW
SetConsoleTitleW
GetDateFormatW
DebugBreak
GlobalMemoryStatus
GetSystemTime
GetTempFileNameW
BeginUpdateResourceW
WritePrivateProfileSectionW
WinExec
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_type_info_destroy_list
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__current_exception
__current_exception_context
memset
_CxxThrowException
memcpy
api-ms-win-crt-convert-l1-1-0
_itow
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
free
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
terminate
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_at_quick_exit
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_dll
api-ms-win-crt-string-l1-1-0
strcmp
Exports
Exports
?PyDISPLAY_DEVICEType@@3U_typeobject@@A
PyInit_win32api
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 860B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ