4e98b6f4ccc6502c127719bc5d3ec1fbc7fc492ddf1fd43a2ce3f3a9e59e543f

Sharing

Copy URL Twitter E-mail

General

Target

4e98b6f4ccc6502c127719bc5d3ec1fbc7fc492ddf1fd43a2ce3f3a9e59e543f
Size

727KB
MD5

3ccb3b07c0eb0b40b842be5bf6f6e53e
SHA1

4caa20a749f1c70b7ff9afcac92aafa2157e103c
SHA256

4e98b6f4ccc6502c127719bc5d3ec1fbc7fc492ddf1fd43a2ce3f3a9e59e543f
SHA512

b2d7ac7ea0fb2eef10a04568527f27256a1a13f685c4edea644aca43b0701f19ff6a9f9d604265ecaab59d2b6d6136897332c5b8f41903160a27d790f0757195
SSDEEP

12288:rvH4NWlOseiD7dw5XBPLVyURCffqOHXuR0A9C6Z:b872Zw5XBPLVyURCffq4XuRN9C6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e98b6f4ccc6502c127719bc5d3ec1fbc7fc492ddf1fd43a2ce3f3a9e59e543f

Files

4e98b6f4ccc6502c127719bc5d3ec1fbc7fc492ddf1fd43a2ce3f3a9e59e543f
.dll windows:4 windows x64 arch:x64

f4e9daf8274e381bff0d0e2c3ee8798d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_errno
_initterm
_lock
_setjmp
_unlock
_vscprintf
_vsnprintf
_vsnprintf_s
abort
calloc
fprintf
free
fwrite
islower
isprint
isspace
isupper
localeconv
longjmp
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
signal
strcmp
strcpy
strlen
strncmp
strncpy
strrchr
strtol
strtoul
toupper
vfprintf

python39

PyIter_Next
PyObject_GetIter
PySequence_Fast
PySequence_GetItem
PySequence_Size
PyNumber_AsSsize_t
PyNumber_Index
PyObject_GetItem
PyObject_Size
PyBool_Type
_Py_FalseStruct
_Py_TrueStruct
PyBool_FromLong
PyBytes_FromObject
PyBytes_AsStringAndSize
PyBytes_AsString
PyBytes_Size
PyBytes_FromFormat
PyBytes_FromStringAndSize
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallFunction
PyObject_CallObject
PyObject_Call
PyDict_Type
PyDict_DelItemString
PyDict_SetItemString
PyDict_GetItemString
PyDict_Merge
PyDict_Next
PyDict_SetItem
PyDict_New
PyExc_KeyError
PyExc_RuntimeError
PyExc_MemoryError
PyExc_AttributeError
PyExc_ValueError
PyExc_NotImplementedError
PyExc_TypeError
PyExc_IndexError
PyExc_SystemError
PyFloat_AsDouble
PyFloat_FromDouble
PyList_Append
PyList_SetItem
PyList_GetItem
PyList_Size
PyList_New
PyLong_AsUnsignedLongLong
PyLong_AsLongLong
PyLong_FromSsize_t
PyLong_FromLongLong
PyLong_AsLong
PyLong_FromSize_t
PyLong_FromUnsignedLongLong
PyLong_FromLong
PyMemoryView_Type
PyModule_GetState
PyModule_Create2
_Py_NoneStruct
_Py_NotImplementedStruct
_Py_Dealloc
PyObject_IsTrue
PyObject_GenericGetAttr
PyObject_SelfIter
PyObject_SetAttr
PyObject_SetAttrString
PyObject_GetAttrString
PyObject_Hash
PyObject_HashNotImplemented
PyObject_RichCompareBool
PyObject_RichCompare
PyObject_Str
PyObject_Repr
PySlice_Type
PySlice_AdjustIndices
PySlice_Unpack
PySlice_New
PyTuple_Type
PyTuple_Pack
PyTuple_SetItem
PyTuple_GetItem
PyTuple_Size
PyTuple_New
PyType_Type
PyType_GetSlot
PyType_FromSpec
PyType_FromSpecWithBases
PyType_IsSubtype
PyType_GenericAlloc
PyUnicode_InternFromString
PyUnicode_Join
PyUnicode_DecodeUTF8
PyUnicode_AsUTF8AndSize
PyUnicode_FromEncodedObject
PyUnicode_FromFormat
PyUnicode_FromString
PyUnicode_FromStringAndSize
PyErr_Format
PyErr_Clear
PyErr_ExceptionMatches
PyErr_Occurred
PyErr_SetString
PyErr_SetNone
PyErr_SetObject
PyArg_UnpackTuple
PyArg_ParseTupleAndKeywords
PyArg_ParseTuple
PyImport_ImportModule
PyModule_AddIntConstant
PyModule_AddObject
Py_BuildValue
PyState_FindModule

Exports

Exports

PyInit__message

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4e9daf8274e381bff0d0e2c3ee8798d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

python39

Exports

Exports

Sections

.text Size: 175KB - Virtual size: 174KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 30KB - Virtual size: 30KB

.pdata Size: 7KB - Virtual size: 7KB

.xdata Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 88B

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 264KB - Virtual size: 263KB

/31 Size: 14KB - Virtual size: 13KB

/45 Size: 14KB - Virtual size: 14KB

/57 Size: 5KB - Virtual size: 5KB

/70 Size: 2KB - Virtual size: 1KB

/81 Size: 60KB - Virtual size: 59KB

/92 Size: 2KB - Virtual size: 2KB

.text
Size: 175KB - Virtual size: 174KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 30KB - Virtual size: 30KB

.pdata
Size: 7KB - Virtual size: 7KB

.xdata
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 88B

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 264KB - Virtual size: 263KB

/31
Size: 14KB - Virtual size: 13KB

/45
Size: 14KB - Virtual size: 14KB

/57
Size: 5KB - Virtual size: 5KB

/70
Size: 2KB - Virtual size: 1KB

/81
Size: 60KB - Virtual size: 59KB

/92
Size: 2KB - Virtual size: 2KB