python312[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

python312.dll
Size

6.6MB
MD5

3c388ce47c0d9117d2a50b3fa5ac981d
SHA1

038484ff7460d03d1d36c23f0de4874cbaea2c48
SHA256

c98ba3354a7d1f69bdca42560feec933ccba93afcc707391049a065e1079cddb
SHA512

e529c5c1c028be01e44a156cd0e7cad0a24b5f91e5d34697fafc395b63e37780dc0fac8f4c5d075ad8fe4bd15d62a250b818ff3d4ead1e281530a4c7e3ce6d35
SSDEEP

49152:77dFcaC296MwQx0AWOO5JqSEShouly4XUV/x3aOvi5lnX79DxW/En8tdFNPhD2SI:7Z+aCnAh8lRA4jvE0ivHHDMiEBaw

Score

1^/10

Malware Config

Signatures

Files

python312.dll
.dll windows:6 windows x64 arch:x64

366cb2ac20eef2d78010eed948794ead

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17-01-2022 00:00

Not After

15-01-2025 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:a7:26:94:2b:48:40:31:89:bb:fb:06:88:8b:99:5a:e1:8a:74:e8:37:d7:d6:5c:d1:49:85:cb:b3:86:ee:d0
Signer

Actual PE Digest

49:a7:26:94:2b:48:40:31:89:bb:fb:06:88:8b:99:5a:e1:8a:74:e8:37:d7:d6:5c:d1:49:85:cb:b3:86:ee:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\b\bin\amd64\python312.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

getsockopt
send
WSAGetLastError

api-ms-win-core-path-l1-1-0

PathCchCombineEx
PathCchSkipRoot

bcrypt

BCryptGenRandom

advapi32

RegEnumKeyExW
RegDeleteKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegSetValueExW
RegLoadKeyW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
RegEnumValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges

kernel32

GetProcessHeap
TlsGetValue
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsFree
Sleep
GetModuleFileNameW
CompareStringOrdinal
GetFileAttributesW
GetLocaleInfoA
GetACP
RemoveVectoredExceptionHandler
SetErrorMode
RaiseException
AddVectoredExceptionHandler
GetCurrentProcess
SetEndOfFile
OpenFileMappingW
UnmapViewOfFile
DuplicateHandle
GetLastError
FlushViewOfFile
CloseHandle
GetSystemInfo
SetFilePointerEx
GetFileSize
CreateFileMappingW
MapViewOfFile
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
SetHandleInformation
FindFirstVolumeW
GetConsoleScreenBufferInfo
SetLastError
AddDllDirectory
GetHandleInformation
GetFullPathNameW
FindNextFileW
RemoveDllDirectory
DeviceIoControl
TerminateProcess
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
SetEnvironmentVariableW
CreatePipe
PssQuerySnapshot
CreateHardLinkW
FindClose
GetVolumePathNameW
CreateFileW
OpenProcess
SetFileAttributesW
GetLogicalDriveStringsW
GetFileInformationByHandle
GetFileAttributesExW
PssFreeSnapshot
GetDiskFreeSpaceExW
DeleteFileW
LoadLibraryW
GetActiveProcessorCount
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
MoveFileExW
FindVolumeClose
FreeLibrary
CreateSymbolicLinkW
GetVolumePathNamesForVolumeNameW
GetSystemTimeAsFileTime
GetFileType
PssCaptureSnapshot
FindNextVolumeW
GetProcessTimes
GetDriveTypeW
GenerateConsoleCtrlEvent
SetEvent
CreateEventA
WaitForMultipleObjects
WaitForSingleObject
HeapAlloc
GetTimeZoneInformation
GetCurrentThread
SetWaitableTimerEx
ResetEvent
GetThreadTimes
CreateWaitableTimerExW
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WaitForSingleObjectEx
WriteConsoleW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
GetStringTypeW
ReadFile
SetNamedPipeHandleState
WaitNamedPipeA
NeedCurrentDirectoryForExePathW
CreateNamedPipeA
GetStdHandle
WriteFile
InitializeProcThreadAttributeList
PeekNamedPipe
GetVersion
LCMapStringEx
UpdateProcThreadAttribute
CancelIoEx
DeleteProcThreadAttributeList
GetOverlappedResult
ExitProcess
CopyFile2
CreateProcessW
VirtualQuery
ConnectNamedPipe
GetExitCodeProcess
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
GetModuleHandleW
GetErrorMode
FormatMessageW
LoadLibraryExW
LocalFree
GetConsoleOutputCP
GetConsoleCP
GetNamedPipeHandleStateW
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
OutputDebugStringW
GetSystemTimeAdjustment
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExW
TlsSetValue
HeapFree
GetCurrentThreadId
TlsAlloc
IsDebuggerPresent

vcruntime140

memchr
memmove
memcpy
wcschr
wcsrchr
strchr
strrchr
__C_specific_handler
__std_type_info_destroy_list
memset
memcmp

api-ms-win-crt-stdio-l1-1-0

_open_osfhandle
ferror
puts
_wfopen
putchar
setvbuf
__stdio_common_vswprintf
_commit
__stdio_common_vsprintf
rewind
getc
_locking
__acrt_iob_func
_setmode
fclose
__stdio_common_vfprintf
ftell
feof
fgets
_get_osfhandle
fread
fputs
fputc
fwrite
clearerr
_isatty
_fileno
_lseek
_dup2
fflush
_close
_lseeki64
_chsize_s
_open
_read
_dup
_write
_wopen
ungetc
_kbhit

api-ms-win-crt-environment-l1-1-0

_wgetcwd
_wputenv_s
getenv
_wgetenv
__p__wenviron
_wputenv

api-ms-win-crt-heap-l1-1-0

calloc
_heapmin
malloc
free
realloc

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_exit
raise
_initterm
__fpe_flt_rounds
abort
_cexit
exit
_beginthreadex
_wsystem
signal
_set_thread_local_invalid_parameter_handler
__sys_errlist
__sys_nerr
__doserrno
_endthreadex
_getpid
_set_abort_behavior
strerror
_errno

api-ms-win-crt-locale-l1-1-0

setlocale
localeconv

api-ms-win-crt-string-l1-1-0

strcmp
wcsnlen
_wcsicmp
wcscpy_s
wcscat_s
toupper
wcscoll
wcstok_s
tolower
isalnum
wcsxfrm
_stricmp
wcsncmp
strpbrk
isxdigit
strcspn
strncmp
isdigit
strncpy
wcsncpy_s
wcscmp

api-ms-win-crt-convert-l1-1-0

mbstowcs
wcstol
strtoul
wcstombs
strtol

api-ms-win-crt-math-l1-1-0

nextafter
acosh
exp
frexp
exp2
tanh
fabs
sqrt
cbrt
cosh
erf
pow
_fdopen
tan
atan
erfc
log1p
copysign
log2
sin
log10
acos
hypot
log
asinh
modf
round
cos
fmod
fma
floor
ceil
atan2
_dclass
ldexp
sinh
asin
atanh
expm1

api-ms-win-crt-time-l1-1-0

__daylight
_tzset
__timezone
clock
strftime
_mktime64
_time64
_gmtime64_s
_localtime64_s

api-ms-win-crt-process-l1-1-0

_cwait
_wspawnv
_wexecv
_wexecve
_wspawnve

api-ms-win-crt-conio-l1-1-0

_ungetwch
_getwche
_putwch
_getche
_ungetch
_getch
_putch
_getwch

api-ms-win-crt-filesystem-l1-1-0

_umask
_wstat64i32

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyAsyncGen_New
PyAsyncGen_Type
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCMethod_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_AddWatcher
PyCode_Addr2Line
PyCode_Addr2Location
PyCode_ClearWatcher
PyCode_GetCellvars
PyCode_GetCode
PyCode_GetFreevars
PyCode_GetVarnames
PyCode_NewEmpty
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyCompile_OpcodeStackEffect
PyCompile_OpcodeStackEffectWithJump
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyConfig_InitPythonConfig
PyConfig_Read
PyConfig_SetArgv
PyConfig_SetBytesArgv
PyConfig_SetBytesString
PyConfig_SetString
PyConfig_SetWideStringList
PyContextToken_Type
PyContextVar_Get
PyContextVar_New
PyContextVar_Reset
PyContextVar_Set
PyContextVar_Type
PyContext_Copy
PyContext_CopyCurrent
PyContext_Enter
PyContext_Exit
PyContext_New
PyContext_Type
PyCoro_New
PyCoro_Type
PyDescr_IsData
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_AddWatcher
PyDict_Clear
PyDict_ClearWatcher
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetDefault
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Unwatch
PyDict_Update
PyDict_Values
PyDict_Watch
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_DisplayException
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GetRaisedException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ProgramTextObject
PyErr_RangedSyntaxLocationObject
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetRaisedException
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_SyntaxLocationObject
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnExplicitFormat
PyErr_WarnExplicitObject
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetProfileAllThreads
PyEval_SetTrace
PyEval_SetTraceAllThreads
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetArgs
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetArgs
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_OpenCode
PyFile_OpenCodeObject
PyFile_SetOpenCodeHook
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Pack2
PyFloat_Pack4
PyFloat_Pack8
PyFloat_Type
PyFloat_Unpack2
PyFloat_Unpack4
PyFloat_Unpack8
PyFrame_FastToLocals
PyFrame_FastToLocalsWithError
PyFrame_GetBack
PyFrame_GetBuiltins
PyFrame_GetCode
PyFrame_GetGenerator
PyFrame_GetGlobals
PyFrame_GetLasti
PyFrame_GetLineNumber
PyFrame_GetLocals
PyFrame_GetVar
PyFrame_GetVarString
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_AddWatcher
PyFunction_ClearWatcher
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_SetVectorcall
PyFunction_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Check
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_GetCode
PyGen_New
PyGen_NewWithQualName
PyGen_Type
PyGetSetDescr_Type
PyHash_GetFuncDef
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyIndex_Check
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_Head
PyInterpreterState_Main
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 994KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PyRuntim
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

366cb2ac20eef2d78010eed948794ead

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:ddCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

49:a7:26:94:2b:48:40:31:89:bb:fb:06:88:8b:99:5a:e1:8a:74:e8:37:d7:d6:5c:d1:49:85:cb:b3:86:ee:d0Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

ws2_32

api-ms-win-core-path-l1-1-0

bcrypt

advapi32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-process-l1-1-0

api-ms-win-crt-conio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 994KB - Virtual size: 1.0MB

.pdata Size: 146KB - Virtual size: 146KB

PyRuntim Size: 448KB - Virtual size: 448KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 87KB - Virtual size: 86KB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

49:a7:26:94:2b:48:40:31:89:bb:fb:06:88:8b:99:5a:e1:8a:74:e8:37:d7:d6:5c:d1:49:85:cb:b3:86:ee:d0
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 994KB - Virtual size: 1.0MB

.pdata
Size: 146KB - Virtual size: 146KB

PyRuntim
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 87KB - Virtual size: 86KB