d63b65e40667524adc79c7c601999f6db514c6a5433cef92ab55ef316e693816

Sharing

Copy URL

Twitter E-mail

General

Target

d63b65e40667524adc79c7c601999f6db514c6a5433cef92ab55ef316e693816
Size

690KB
MD5

fbea1e4e6422072b9ff2432c48193768
SHA1

33f412dcef0f6b103ccdbea81d32be4c28131067
SHA256

d63b65e40667524adc79c7c601999f6db514c6a5433cef92ab55ef316e693816
SHA512

ec8629ed05c3925db33ca4d5f4c9cd208974eaa97df80a7925b5668d95817f49e57385e1efb55a980af481a27b020d51ad297db8406b497e96613cabbb185f2a
SSDEEP

12288:pqN15DGPM++vNzUjNqCyrNPfowGNv0JfVkZHs0/NkZxtCerIpTJ3ZcVafbhS2PAC:pmVayw6TrkyIrHjd4g0tfe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d63b65e40667524adc79c7c601999f6db514c6a5433cef92ab55ef316e693816

Files

d63b65e40667524adc79c7c601999f6db514c6a5433cef92ab55ef316e693816
.dll windows:6 windows x86 arch:x86

f93ab21447ddeaffc51095b0102759e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\cachebox\cachebox\target\i686-pc-windows-msvc\release\deps\cachebox.pdb

Imports

bcrypt

BCryptGenRandom

advapi32

SystemFunction036

kernel32

GetCurrentDirectoryW
GetEnvironmentVariableW
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
ReleaseMutex
RtlCaptureContext
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
GetStdHandle
GetCurrentProcessId
TerminateProcess
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
SetUnhandledExceptionFilter
GetConsoleMode
CloseHandle
GetProcAddress
GetModuleHandleA
GetModuleHandleW
FormatMessageW
MultiByteToWideChar
WriteConsoleW
InitOnceBeginInitialize
TlsAlloc
InitOnceComplete
TlsFree
QueryPerformanceFrequency
GetSystemTimeAsFileTime
Sleep
TlsSetValue
TlsGetValue
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReleaseSRWLockShared
SetLastError
QueryPerformanceCounter
IsProcessorFeaturePresent

ntdll

RtlNtStatusToDosError
NtWriteFile

python38

_Py_NoneStruct
PyBaseObject_Type
PyErr_WriteUnraisable
PyTuple_New
PyTuple_SetItem
PyList_New
PyExc_SystemError
PyUnicode_AsUTF8AndSize
PyUnicode_FromStringAndSize
PyUnicode_InternInPlace
PyUnicode_AsEncodedString
PyBytes_AsString
PyBytes_Size
PyException_GetCause
PyObject_Repr
PyObject_Str
PyErr_Restore
PyExc_TypeError
PyExc_RuntimeError
PyException_GetTraceback
PyException_SetTraceback
PyErr_Fetch
PyErr_PrintEx
PyErr_NewExceptionWithDoc
PyException_SetCause
PyGILState_Release
PyErr_Print
Py_IsInitialized
PyGILState_Ensure
_Py_Dealloc
PyObject_SetAttrString
PyBool_Type
PyExc_OverflowError
PyLong_FromUnsignedLongLong
PyExc_ImportError
PyModule_Create2
PyDict_Items
PyDict_Next
PyObject_GetIter
PyIter_Next
PyList_Append
PyNumber_Index
PyErr_NormalizeException
PyType_GenericAlloc
PyExc_AttributeError
PyErr_GivenExceptionMatches
PyObject_GetAttr
PyObject_SetAttr
PyObject_GetItem
PyObject_SetItem
PyObject_DelItem
_Py_TrueStruct
PyFloat_FromDouble
PyFloat_Type
PyFloat_AsDouble
PyLong_AsUnsignedLongLong
PyObject_Free
PyMem_Malloc
PyLong_FromSsize_t
PyObject_GenericGetDict
PyObject_GenericSetDict
PyType_FromSpec
PyExc_BaseException
_Py_NotImplementedStruct
PyExc_NotImplementedError
_Py_FalseStruct
PyType_IsSubtype
PyExc_KeyError
PyObject_Hash
PyExc_ValueError

vcruntime140

memmove
memcpy
__CxxFrameHandler3
memset
memcmp
_CxxThrowException
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_initterm_e

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

PyInit__cachebox

Sections

.text
Size: 559KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f93ab21447ddeaffc51095b0102759e8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcrypt

advapi32

kernel32

ntdll

python38

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 559KB - Virtual size: 559KB

.rdata Size: 103KB - Virtual size: 103KB

.data Size: 1KB - Virtual size: 2KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 559KB - Virtual size: 559KB

.rdata
Size: 103KB - Virtual size: 103KB

.data
Size: 1KB - Virtual size: 2KB

.reloc
Size: 25KB - Virtual size: 24KB