c140bfcbf010e7ac0d3932159b882cf3a8262808b11806444c3ca9a4481e5466

Sharing

Copy URL Twitter E-mail

General

Target

c140bfcbf010e7ac0d3932159b882cf3a8262808b11806444c3ca9a4481e5466
Size

13KB
MD5

f1d1833c799c236dd09d68672aa1637d
SHA1

3ee4805bcb181770328146a10972305945ec3f65
SHA256

c140bfcbf010e7ac0d3932159b882cf3a8262808b11806444c3ca9a4481e5466
SHA512

a337092a0b0934dbf769bf6a1af978293b6834e7268ae60d04520d0ade8b9f3524ce0f6f17fea142f1f8ee449c494ee19ef47fc4fc22ef1b7690abdf315ec5eb
SSDEEP

384:EpIXoiyQ/dH5TUuFJ+OL9jEAGqQtxhVk/:QkoiyQVZVHLBqqQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c140bfcbf010e7ac0d3932159b882cf3a8262808b11806444c3ca9a4481e5466

Files

c140bfcbf010e7ac0d3932159b882cf3a8262808b11806444c3ca9a4481e5466
.dll windows:6 windows x86 arch:x86

2568d907b803845b4f05c54c51ab9ab0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python35

PyTuple_New
PyErr_SetString
PyExc_ValueError
PyTuple_GetItem
PyModule_Create2
PyTuple_Size
PyTuple_SetItem
PyObject_CallObject
PyArg_ParseTuple
PyFloat_AsDouble
Py_BuildValue
PyExc_RuntimeError
PyOS_snprintf

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

vcruntime140

longjmp
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__std_type_info_destroy_list
memset
_except_handler4_common
_setjmp3

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
_initterm

api-ms-win-crt-math-l1-1-0

_libm_sse2_sqrt_precise

Exports

Exports

PyInit__zeros

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2568d907b803845b4f05c54c51ab9ab0

Headers

DLL Characteristics

File Characteristics

Imports

python35

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 512B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 512B