f62b36a677dee097d796ef2721251e309855e5e9639a6e3d47a482db92fa1a11

Sharing

Copy URL

Twitter E-mail

General

Target

f62b36a677dee097d796ef2721251e309855e5e9639a6e3d47a482db92fa1a11
Size

635KB
MD5

b391b9902f7f45178836a0b0233284cc
SHA1

b80704fbbd0e9a089f0e0634c8f7a4fd1447c570
SHA256

f62b36a677dee097d796ef2721251e309855e5e9639a6e3d47a482db92fa1a11
SHA512

5e395c6168c1917e19c5d3f1a87946be9ed57eee98a1fc0b5efdc772de54959259f5a953d0319bac9e8672c06c4d94107d4700139782bc5c71d6553076abce89
SSDEEP

12288:vC5meRum/xyE+aFk+65/bgKQiL3NdDaNP:vC5meRumdTFk+igKRNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f62b36a677dee097d796ef2721251e309855e5e9639a6e3d47a482db92fa1a11

Files

f62b36a677dee097d796ef2721251e309855e5e9639a6e3d47a482db92fa1a11
.dll windows:6 windows x64 arch:x64

98e1aa4b68ffed6f360bd66442ccf26f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

openjp2

opj_set_warning_handler
opj_create_compress
opj_write_tile
opj_set_info_handler
opj_set_default_encoder_parameters
opj_stream_set_read_function
opj_setup_encoder
opj_stream_set_write_function
opj_image_create
opj_end_compress
opj_start_compress
opj_stream_set_seek_function
opj_set_default_decoder_parameters
opj_create_decompress
opj_set_error_handler
opj_stream_destroy
opj_stream_set_user_data
opj_stream_set_user_data_length
opj_decode_tile_data
opj_read_header
opj_image_destroy
opj_setup_decoder
opj_version
opj_end_decompress
opj_read_tile_header
opj_destroy_codec
opj_stream_set_skip_function
opj_stream_create

zlib

deflateEnd
zlibVersion
deflateInit2_
deflateSetDictionary
inflate
inflateEnd
inflateInit_
deflate

tiff

TIFFGetFieldDefaulted
TIFFIsTiled
TIFFFlush
TIFFError
TIFFClose
TIFFCleanup
TIFFFdOpen
TIFFSetWarningHandler
TIFFSetSubDirectory
TIFFVSetField
TIFFReadEncodedStrip
TIFFGetField
TIFFSetWarningHandlerExt
TIFFComputeStrip
TIFFTileRowSize
TIFFTileSize
TIFFReadTile
TIFFScanlineSize
TIFFStripSize
TIFFMergeFieldInfo
TIFFRGBAImageGet
TIFFGetVersion
TIFFSetField
TIFFWriteScanline
_TIFFmemcpy
TIFFRGBAImageEnd
TIFFRGBAImageOK
TIFFClientOpen
TIFFRGBAImageBegin

kernel32

GlobalSize
LoadLibraryA
GetProcAddress
InitializeSListHead
Sleep
GetModuleHandleA
FreeLibrary
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
GlobalLock
GlobalUnlock
IsDebuggerPresent
TerminateProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

user32

EndPaint
FillRect
GetDC
LoadCursorA
GetWindowRect
DispatchMessageA
GetSystemMetrics
ShowWindow
OpenClipboard
CloseClipboard
EnumClipboardFormats
RegisterClassA
DefWindowProcA
CreateWindowExA
TranslateMessage
GetMessageA
LoadIconA
GetWindowLongPtrA
BeginPaint
ReleaseDC
RegisterClipboardFormatA
InvalidateRect
SetForegroundWindow
GetClipboardData
SetWindowLongPtrA

gdi32

CreateCompatibleBitmap
DeleteObject
DeleteDC
GetDeviceCaps
DeleteEnhMetaFile
GetDIBits
SetDIBColorTable
StretchBlt
RealizePalette
StretchDIBits
GetSystemPaletteEntries
SelectPalette
CreatePalette
BitBlt
CreateDCA
SelectObject
SetWinMetaFileBits
CreateDIBSection
CreateCompatibleDC
GdiFlush
PlayEnhMetaFile
SetEnhMetaFileBits
GetStockObject

python39

PyExc_TypeError
PyExc_IndexError
_Py_TrueStruct
PyObject_Print
PyList_SetItem
PyUnicode_FromString
PyObject_Size
PyBuffer_Release
PyEval_RestoreThread
PyExc_RuntimeError
PyThreadState_Get
_PyObject_CallFunction_SizeT
PySys_GetObject
PyFile_WriteString
PyErr_Print
PyThreadState_Swap
PyList_Size
PyErr_Format
PyErr_SetFromErrno
_PyBytes_Resize
PyTuple_Size
PyBytes_Size
PyList_GetItem
PyDict_GetItem
PyObject_IsTrue
PyExc_SystemError
PyLong_AsSsize_t
PyObject_CallMethod
PyExc_MemoryError
PyArg_ParseTuple
PySlice_AdjustIndices
PySlice_Type
PySequence_GetItem
PySlice_Unpack
Py_BuildValue
PyObject_CallFunction
PyErr_ExceptionMatches
PyIndex_Check
PyNumber_Check
PyNumber_AsSsize_t
_PyObject_New
PyBytes_FromStringAndSize
PyExc_OSError
PyErr_NoMemory
PyUnicode_Type
PySequence_Check
PyDict_New
PyCapsule_New
PyErr_Clear
_PyObject_CallMethod_SizeT
PyType_Ready
PyModule_Create2
PyList_New
PySequence_Fast
PyObject_GetBuffer
PyLong_AsLong
_PyArg_ParseTuple_SizeT
PyObject_CheckBuffer
PyModule_AddObject
PyObject_Free
PyModule_GetDict
PyTuple_GetItem
_Py_Dealloc
PyFloat_Type
_Py_FalseStruct
PyExc_ValueError
PyErr_SetString
PyFloat_FromDouble
PyDict_SetItemString
PyTuple_New
PyLong_AsLongLong
_Py_NoneStruct
PyBytes_AsStringAndSize
PyFloat_AsDouble
PyUnicode_AsLatin1String
PyLong_FromLong
PyEval_SaveThread
PyLong_FromSsize_t
PyErr_Occurred
PyBytes_AsString
_PyErr_BadInternalCall
PyModule_AddIntConstant
_Py_BuildValue_SizeT
PyBool_FromLong
PySequence_Size
PyType_IsSubtype

vcruntime140

__intrinsic_setjmp
memmove
memcmp
__std_type_info_destroy_list
__C_specific_handler
memset
longjmp
memcpy

api-ms-win-crt-heap-l1-1-0

calloc
free
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

_write
fwrite
__acrt_iob_func
__stdio_common_vsscanf
_lseek
fread
fseek
tmpfile
__stdio_common_vfprintf
__stdio_common_vsprintf
_get_osfhandle
fclose
fopen

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
_strdup
strcmp

api-ms-win-crt-runtime-l1-1-0

_cexit
exit
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

fmin
roundf
hypot
round
lround
cos
floor
fmod
log
pow
sin
sqrt
fmax
ceil

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit__imaging

Sections

.text
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98e1aa4b68ffed6f360bd66442ccf26f

Headers

DLL Characteristics

File Characteristics

Imports

openjp2

zlib

tiff

kernel32

user32

gdi32

python39

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 510KB - Virtual size: 509KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 23KB - Virtual size: 25KB

.pdata Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 510KB - Virtual size: 509KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 23KB - Virtual size: 25KB

.pdata
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 4KB - Virtual size: 3KB