PyInit_pyexpat
General
-
Target
pyexpat.pyd
-
Size
88KB
-
MD5
2caf5263ee09fe0d931b605f05b161b2
-
SHA1
355bc237e490c3aa2dd85671bc564c8cfc427047
-
SHA256
002158272f87cd35743b402274a55ccf1589bd829602a1bf9f18c484ff8e4cac
-
SHA512
1ba3190ee7fceba50965a1c1f2b29802c8081e0b28f47a53176805f7864745334220850f7f2f163e235f0d226ea1c0d28f3895a1207f585be2491d42121167f1
-
SSDEEP
1536:S9kKVCKOxchMctI3V33uxa9Ki1gsmByFtD8y2S0zRKHxQOGrb+8JYaIjLhlF7Sy9:S9XVC3xjctsV3eaIQgJmx2jzRiQvr7RG
Score
7/10
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource pyexpat.pyd
Files
-
pyexpat.pyd.dll windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Exports
Exports
Sections
UPX0 Size: - Virtual size: 132KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE