557c37aaf339be888ca26918ff83bdbd88017d7469a37b6f0a715c3eab317afb

Sharing

Copy URL Twitter E-mail

General

Target

557c37aaf339be888ca26918ff83bdbd88017d7469a37b6f0a715c3eab317afb
Size

367KB
MD5

289af1d70d4b8a9b71317586c9dc5497
SHA1

7219f5b9c079db37bdb2d58d6fe01d307e95d57f
SHA256

557c37aaf339be888ca26918ff83bdbd88017d7469a37b6f0a715c3eab317afb
SHA512

73df6cb81372008071be05697eb858e2e8574cf612dd3e6ca0c24647c3bd5004369872a2c7f6f9ce8512ada7cb068044a8bff87bdd809f94e644d226c4862d3a
SSDEEP

6144:Lteia7xyjIlndFuBAInvSRt0joEiVWjPuFD11KmtqHSpLhnaligVxBYXZMV8xZiw:LtO74jIl/01iYjGFDfKmtqHSp4xB8bMw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
557c37aaf339be888ca26918ff83bdbd88017d7469a37b6f0a715c3eab317afb

Files

557c37aaf339be888ca26918ff83bdbd88017d7469a37b6f0a715c3eab317afb
.dll windows:6 windows x86 arch:x86

ecebfabf2f7b3a424f390ee01efb46de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\fastChrF\fastChrF\target\i686-pc-windows-msvc\release\deps\fastchrf.pdb

Imports

kernel32

GetCurrentThread
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
GetCurrentProcess
GetEnvironmentVariableW
GetSystemInfo
QueryPerformanceCounter
SwitchToThread
SetThreadStackGuarantee
GetLastError
GetStdHandle
GetCurrentProcessId
ReleaseSRWLockShared
WaitForSingleObject
TerminateProcess
WakeAllConditionVariable
WakeConditionVariable
QueryPerformanceFrequency
GetProcessHeap
HeapAlloc
GetCurrentDirectoryW
HeapReAlloc
AcquireSRWLockShared
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
ReleaseMutex
IsDebuggerPresent
GetConsoleMode
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
FormatMessageW
HeapFree
MultiByteToWideChar
WriteConsoleW
CreateThread
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
Sleep
CloseHandle
SleepConditionVariableSRW
TlsSetValue
TlsGetValue
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
RtlCaptureContext
AcquireSRWLockExclusive
IsProcessorFeaturePresent

advapi32

SystemFunction036

ntdll

RtlNtStatusToDosError
NtWriteFile

bcrypt

BCryptGenRandom

python39

PyTuple_New
PyTuple_SetItem
_Py_Dealloc
PyUnicode_InternInPlace
PyUnicode_AsEncodedString
PyBytes_AsString
PyBytes_Size
PyObject_Repr
PyObject_Str
PyErr_Restore
PyErr_WriteUnraisable
PyGILState_Release
_Py_NoneStruct
PyException_GetTraceback
PyException_SetTraceback
PyErr_Fetch
PyErr_PrintEx
PyErr_NewExceptionWithDoc
PyException_GetCause
PyException_SetCause
PyErr_Print
Py_IsInitialized
PyGILState_Ensure
PyExc_TypeError
PyObject_GetIter
PyIter_Next
PyExc_AttributeError
PyErr_GivenExceptionMatches
PyObject_GetAttr
PyObject_SetAttr
PyFloat_FromDouble
PyFloat_Type
PyFloat_AsDouble
PyList_Append
PyExc_OverflowError
PyNumber_Index
PySequence_Size
PyLong_AsUnsignedLongLong
PyErr_NormalizeException
PyBool_Type
_Py_TrueStruct
PyExc_ImportError
PyModule_Create2
PyCMethod_New
PyModule_GetName
PyExc_BaseException
PySequence_Check
PyExc_ValueError
PyUnicode_FromStringAndSize
PyUnicode_AsUTF8AndSize
PyExc_SystemError
PyList_New

vcruntime140

memcmp
__CxxFrameHandler3
memcpy
_except_handler4_common
memmove
memset
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_seh_filter_dll
_execute_onexit_table
_cexit
_initterm
_initterm_e

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

PyInit_fastchrf

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecebfabf2f7b3a424f390ee01efb46de

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ntdll

bcrypt

python39

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 287KB - Virtual size: 287KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 1024B - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 287KB - Virtual size: 287KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 1024B - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB