PyInit__imaging
Static task
static1
General
-
Target
_imaging.cp312-win_amd64.pyd
-
Size
2.2MB
-
MD5
ff0f2e5a156a73c3759fe19af09a18ef
-
SHA1
d0b16481e537d981078afa091f7dc7f4da2b904d
-
SHA256
b9e41e7137cfc7b873e96ada1c473babfd616d0ad7878221bb68c43b70190067
-
SHA512
0077a54e105bb674f6f75187467ec15837ae1c6d00df3c708b4b1a0f4efe779c634dc2f9885b36e44c1a4f839e000ffd1a8666c23348dae19cf8b05c6182fcaa
-
SSDEEP
49152:roj4G5OUHyGMZ54KDUglPqv4Q0Qb4wUYuKROc:rSilPqv4Q0Qxbwc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
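Checks for missing Authenticode signature. The sample carries no signature; taken alone this is a weak signal, because CPython extension modules (.pyd) are commonly distributed unsigned, so provenance is better established by comparing the hashes above against the package the file is expected to come from.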
resource _imaging.cp312-win_amd64.pyd
Files
-
_imaging.cp312-win_amd64.pyd.dll windows:6 windows x64 arch:x64
166a54ea9ae587d78b2c968bcfad1a44
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
SetEvent
WaitForSingleObject
CreateEventA
TlsAlloc
TlsGetValue
TlsSetValue
GetSystemInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
InitializeCriticalSectionEx
InitializeConditionVariable
WakeConditionVariable
SleepConditionVariableCS
WaitForSingleObjectEx
SetThreadPriority
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetLastError
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetFileSizeEx
GlobalUnlock
FreeLibrary
GlobalLock
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalSize
Sleep
QueryPerformanceCounter
user32
GetMessageA
DispatchMessageA
GetWindowRect
EndPaint
BeginPaint
LoadCursorA
GetDC
FillRect
GetSystemMetrics
ShowWindow
OpenClipboard
CloseClipboard
EnumClipboardFormats
RegisterClassA
DefWindowProcA
CreateWindowExA
TranslateMessage
GetClipboardData
LoadIconA
GetWindowLongPtrA
SetWindowLongPtrA
SetForegroundWindow
InvalidateRect
RegisterClipboardFormatA
ReleaseDC
gdi32
BitBlt
GetSystemPaletteEntries
SelectPalette
CreatePalette
CreateCompatibleBitmap
SelectObject
SetWinMetaFileBits
CreateDIBSection
CreateCompatibleDC
GdiFlush
PlayEnhMetaFile
SetEnhMetaFileBits
GetStockObject
GetDIBits
DeleteEnhMetaFile
GetDeviceCaps
DeleteDC
DeleteObject
CreateDCA
RealizePalette
StretchBlt
SetDIBColorTable
StretchDIBits
python312
PyObject_Print
PyList_SetItem
_Py_TrueStruct
PyUnicode_FromString
PyExc_IndexError
PyExc_TypeError
_PyObject_New
PyObject_Size
PyBuffer_Release
PyExc_OSError
PyErr_NoMemory
PyEval_RestoreThread
PyThreadState_Get
_PyObject_CallFunction_SizeT
PySys_GetObject
PyFile_WriteString
PyErr_Print
PyThreadState_Swap
PyUnicode_Type
PySequence_Check
PyDict_New
PyCapsule_New
PyErr_Clear
_PyObject_CallMethod_SizeT
PyType_Ready
PyModule_Create2
PyList_Size
PyList_New
PyErr_Format
PySequence_Size
PyNumber_AsSsize_t
PyNumber_Check
PySequence_Fast
PyObject_GetBuffer
PyLong_AsLong
PyIndex_Check
_PyArg_ParseTuple_SizeT
PyErr_ExceptionMatches
PyObject_CallFunction
Py_BuildValue
PySlice_Unpack
PySequence_GetItem
PySlice_Type
PySlice_AdjustIndices
PyArg_ParseTuple
PyExc_MemoryError
PyObject_CallMethod
PyLong_AsSsize_t
PyExc_SystemError
PyObject_IsTrue
PyDict_GetItem
PyList_GetItem
PyObject_CheckBuffer
PyModule_AddObject
PyBytes_Size
PyTuple_Size
_PyBytes_Resize
PyBytes_FromStringAndSize
PyErr_SetFromErrno
PyObject_Free
PyModule_GetDict
PyTuple_GetItem
_Py_Dealloc
PyType_IsSubtype
PyFloat_Type
_Py_FalseStruct
PyExc_ValueError
PyErr_SetString
PyFloat_FromDouble
PyDict_SetItemString
PyTuple_New
PyLong_AsLongLong
_Py_NoneStruct
PyBytes_AsStringAndSize
PyFloat_AsDouble
PyUnicode_AsLatin1String
PyLong_FromLong
PyEval_SaveThread
PyLong_FromSsize_t
PyErr_Occurred
PyBytes_AsString
_PyErr_BadInternalCall
PyModule_AddIntConstant
_Py_BuildValue_SizeT
PyBool_FromLong
PyExc_RuntimeError
vcruntime140
longjmp
memmove
memset
memcmp
__C_specific_handler
__intrinsic_setjmp
__std_type_info_destroy_list
memcpy
api-ms-win-crt-heap-l1-1-0
_aligned_free
_aligned_malloc
calloc
free
malloc
realloc
api-ms-win-crt-stdio-l1-1-0
_lseek
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf
_write
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
fopen
_get_osfhandle
fwrite
fclose
api-ms-win-crt-string-l1-1-0
_strdup
strncpy
strncmp
strcmp
api-ms-win-crt-runtime-l1-1-0
exit
_beginthreadex
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
api-ms-win-crt-math-l1-1-0
roundf
fmin
lround
hypot
floor
pow
exp
log
sin
ceil
log10
fmax
atan2
sqrt
cos
fmod
round
api-ms-win-crt-utility-l1-1-0
qsort
rand
bsearch
api-ms-win-crt-convert-l1-1-0
atoi
api-ms-win-crt-environment-l1-1-0
getenv
getenv_s
Exports
Exports
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 515KB - Virtual size: 515KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ