6467ba9cbf4a3373eb52c5e7389d11680725e9f7ffd72b41b03fc4924ec8896e

General

Target

6467ba9cbf4a3373eb52c5e7389d11680725e9f7ffd72b41b03fc4924ec8896e
Size

10KB
MD5

637d1239f28e2df2e1361cfa4cf03eb4
SHA1

11d6ff9cc8fd3aa12a9247fa105583a0b65fe13b
SHA256

6467ba9cbf4a3373eb52c5e7389d11680725e9f7ffd72b41b03fc4924ec8896e
SHA512

ebe7c3802ecec663ece32795cac7e86bd7ad36bbd0b5fc71130878946c8aae41569809f10fa8b5a13ce8043b33463c347b7faa60bcb0318306b312f7995f5076
SSDEEP

192:uAzdovkg3gbdB0SNXU+dHYP+eT68Y/WJjpjO2CBSCmwKeTRW1MVn5hE:uwmgbX0SdU+6OuJljLCxHKeTEcnfE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6467ba9cbf4a3373eb52c5e7389d11680725e9f7ffd72b41b03fc4924ec8896e

Files

6467ba9cbf4a3373eb52c5e7389d11680725e9f7ffd72b41b03fc4924ec8896e
.dll windows:6 windows x86 arch:x86

4e181d8a833e3e784e7a99f3568ea3f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python37

_Py_NoneStruct
PyBytes_FromString
PyErr_SetString
_Py_BuildValue_SizeT
_PyObject_CallFunction_SizeT
_PyBytes_Join
PyExc_ValueError
PyErr_Format
_PyArg_ParseTuple_SizeT
PyModule_Create2
PyObject_GetAttrString
PyBytes_Type
PyBytes_Size
PyErr_NoMemory
PyBytes_FromStringAndSize
PyExc_TypeError
PyExc_AssertionError
PyLong_FromLong
PyImport_ImportModule

kernel32

GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
UnhandledExceptionFilter

vcruntime140

memset
_except_handler4_common
__std_type_info_destroy_list
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

Exports

Exports

PyInit__pack

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e181d8a833e3e784e7a99f3568ea3f2

Headers

DLL Characteristics

File Characteristics

Imports

python37

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1016B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 456B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1016B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 456B