General

  • Target

    FeatherSource.zip

  • Size

    27.1MB

  • MD5

    2d981c6e61cbe9e9d30fd2795092640d

  • SHA1

    549dd3490d25dd8de841c59b327d2b392301f19b

  • SHA256

    847daac5698a94a13fe13edf0ec224f49933f5f5d7a9efd2b8b36b3787ee98b8

  • SHA512

    9adb95f0c770cbb42325dae02bda40aa6a9cb71ffd17b4b9105a9aba0771be0da5e09a803a03a3007cdc2eb79fcdcf8770a2cfddb4963e18e6c36d3236c523ac

  • SSDEEP

    786432:ncRDNomRw8+IG0wn9faAawu42MXlMFYHGYUPyJ:cRRE50OaAah42MXlMiKPyJ

Score
3/10

Malware Config

Signatures

  • Embeds OpenSSL (1 IoC)

    Embeds OpenSSL, may be used to circumvent TLS interception.

  • Unsigned PE (26 IoCs)

    Checks for missing Authenticode signature.

Files

  • FeatherSource.zip
    .zip
  • Feather/Injector.exe
    .exe windows:6 windows x64 arch:x64

    f4cdcce8b0ac4390caf73cea305a06ef


  • Feather/PIL/_imaging.pyd
    .dll windows:6 windows x64 arch:x64

    156df9e0eab1a0abde7626e3940f17cb


  • Feather/PIL/_imagingcms.pyd
    .dll windows:6 windows x64 arch:x64

    c52681962d6dfd537ba6b18b96b4459b


  • Feather/PIL/_imagingft.pyd
    .dll windows:6 windows x64 arch:x64

    8b20ff338174856c13124bee51c95410


  • Feather/PIL/_imagingmath.pyd
    .dll windows:6 windows x64 arch:x64

    b2bccec73304209ea594d25834e5986d


  • Feather/PIL/_webp.pyd
    .dll windows:6 windows x64 arch:x64

    3a9060682d2933e20e90132d6f22bcff


  • Feather/_asyncio.pyd
    .dll windows:6 windows x64 arch:x64

    04f465ecd8eff83e2c18078c8c25456e


    Code Sign

  • Feather/_bz2.pyd
    .dll windows:6 windows x64 arch:x64

    d0a62ab71a2b2ca69c6aba1f0a37fcdd


    Code Sign

  • Feather/_cffi_backend.pyd
    .dll windows:6 windows x64 arch:x64

    1f8568e4a2373d2e7c1bf07e57b0e0f4


  • Feather/_ctypes.pyd
    .dll windows:6 windows x64 arch:x64

    de64e4a0e2dbc68a0b413ce8099db5c3


    Code Sign

  • Feather/_decimal.pyd
    .dll windows:6 windows x64 arch:x64

    73c2b50451f272a440f47564c3cbd631


    Code Sign

  • Feather/_elementtree.pyd
    .dll windows:6 windows x64 arch:x64

    3581bde43d1dd1999267ea7f27542ab4


    Code Sign

  • Feather/_hashlib.pyd
    .dll windows:6 windows x64 arch:x64

    b3b294bbb4a8941fd67b11ccbe0be65b


    Code Sign

  • Feather/_lzma.pyd
    .dll windows:6 windows x64 arch:x64

    c39c7a021b2adfc11bb34f105f70355e


    Code Sign

  • Feather/_multiprocessing.pyd
    .dll windows:6 windows x64 arch:x64

    ad5e2bc3f4742dadfaf9e74afc91a9f0


    Code Sign

  • Feather/_overlapped.pyd
    .dll windows:6 windows x64 arch:x64

    48664681fdde7330197ca0b81cd0888e


    Code Sign

  • Feather/_queue.pyd
    .dll windows:6 windows x64 arch:x64

    d39104d594ed5774205f94197c63bfbc


    Code Sign

  • Feather/_socket.pyd
    .dll .js windows:6 windows x64 arch:x64 polyglot

    332065e5d19d708832b034da27e5571a


    Code Sign

  • Feather/_ssl.pyd
    .dll windows:6 windows x64 arch:x64

    f5dfcd62c36effcb7c07509271acfce1


    Code Sign

  • Feather/_tkinter.pyd
    .dll windows:6 windows x64 arch:x64

    0adc033df6a324c49005147ed2721b11


    Code Sign

  • Feather/_uuid.pyd
    .dll windows:6 windows x64 arch:x64

    368b62645c11988f8173cf8bdd0fea25


    Code Sign

  • Feather/aiohttp/_helpers.pyd
    .dll windows:6 windows x64 arch:x64

    8a6c993130c92800c410eda1a7de6037


  • Feather/aiohttp/_http_parser.pyd
    .dll windows:6 windows x64 arch:x64

    8e0bd8611dca4fcb60a3e7ecef993738


  • Feather/aiohttp/_http_writer.pyd
    .dll windows:6 windows x64 arch:x64

    ed2056a2d56817e430a85e944ca14edf


  • Feather/aiohttp/_websocket.pyd
    .dll windows:6 windows x64 arch:x64

    e6a0c51f708f0ac5c84d953137e3feb6


  • Feather/certifi/cacert.pem
  • Feather/charset_normalizer/md.pyd
    .dll windows:6 windows x64 arch:x64

    f8c0f377107b03e523f21dcf227dcf24


  • Feather/charset_normalizer/md__mypyc.pyd
    .dll windows:6 windows x64 arch:x64

    feb2f48749cb30e4f1a2a48b5a94a37c


  • Feather/cryptography/hazmat/bindings/_rust.pyd
    .dll windows:6 windows x64 arch:x64

    1aaf19e6e21696d67018db32daf0d41d


  • Feather/frozenlist/_frozenlist.pyd
    .dll windows:6 windows x64 arch:x64

    6e5f989956fe9e73b13776cbcb8e910a


  • Feather/libcrypto-1_1.dll
    .dll windows:6 windows x64 arch:x64

    11f2ed72076bbf7871eb95fd5b4e84b0


    Code Sign

  • Feather/libffi-8.dll
    .dll windows:6 windows x64 arch:x64

    3dc8b86d60f90a1851eee5f9dc191312


    Code Sign

  • Feather/libssl-1_1.dll
    .dll windows:6 windows x64 arch:x64

    3adf02a15243fccc51beb2b37fbf071d


    Code Sign

  • Feather/multidict/_multidict.pyd
    .dll windows:6 windows x64 arch:x64

    bf987799b97a41247562f3f76977e7d5


  • Feather/psutil/_psutil_windows.pyd
    .dll windows:6 windows x64 arch:x64

    7655a95700b7d9f6fc1f226e258e1235


  • Feather/pyexpat.pyd
    .dll windows:6 windows x64 arch:x64

    c1efb4aba5d0a4e13411d9eacdb4e8d6


    Code Sign

  • Feather/python3.dll
    .dll windows:6 windows x64 arch:x64


    Code Sign

  • Feather/python311.dll
    .dll windows:6 windows x64 arch:x64

    7bcba99f43dec2147effa329c42a4378


    Code Sign

  • Feather/pythoncom311.dll
    .dll windows:6 windows x64 arch:x64

    1b264cd576a6b6117b47db03980bc455


  • Feather/pywintypes311.dll
    .dll windows:6 windows x64 arch:x64

    5b71a076f0c32bb52117188a36e3fec6


  • Feather/select.pyd
    .dll windows:6 windows x64 arch:x64

    fc4f7d736924aa67a1bd7b7b80894df9


    Code Sign

  • Feather/tcl86t.dll
    .dll windows:6 windows x64 arch:x64

    63f8d50bc57576c5767c793bd6b231e3


    Code Sign

  • Feather/tk86t.dll
    .dll windows:6 windows x64 arch:x64

    122ccc329f9b840c1d56dabb6d865c8e


    Code Sign

  • Feather/unicodedata.pyd
    .dll windows:6 windows x64 arch:x64

    bb6f6d951dbdd290ecf382ca57459172


    Code Sign

  • Feather/vcruntime140.dll
    .dll windows:6 windows x64 arch:x64

    7f07fd94e5bb907093556781cc464017


    Code Sign

  • Feather/vcruntime140_1.dll
    .dll windows:6 windows x64 arch:x64

    bf380ca954cbf10d1a4cef9ec18e46fd


    Code Sign

  • Feather/win32api.pyd
    .dll windows:6 windows x64 arch:x64

    2000df8846b8f315bdc5cce6da06b275


  • Feather/win32clipboard.pyd
    .dll windows:6 windows x64 arch:x64

    6590f9e16ffe4a803450d945792e846e


  • Feather/win32gui.pyd
    .dll windows:6 windows x64 arch:x64

    43844ac41b302cdc6cb7d5f7d6fcc995


  • Feather/win32process.pyd
    .dll windows:6 windows x64 arch:x64

    f53ca7fceaa6b605e5f94ce576a4f328


  • Feather/yarl/_quoting_c.pyd
    .dll windows:6 windows x64 arch:x64

    fbdabb1c96f66eac02c4b13f933a3c8d


  • Feather/zstandard/_cffi.pyd
    .dll windows:6 windows x64 arch:x64

    a4f663bc77d2671c859ff6226656a2fb


  • Feather/zstandard/backend_c.pyd
    .dll windows:6 windows x64 arch:x64

    0c4c253e719bb538a4188bc610bcddb7


  • FeatherModule/module.lua
    .js
  • FeatherModule/u.lua
    .js