705e0cc6a490ec61d68920c00234319ac558f92bded5c8935888ca59626a9761

Sharing

Copy URL Twitter E-mail

General

Target

705e0cc6a490ec61d68920c00234319ac558f92bded5c8935888ca59626a9761
Size

76KB
MD5

0077ad8008c972e6d3ae9aef07572e91
SHA1

01dd03e294e04319d29e9d8742de31af3c01d594
SHA256

705e0cc6a490ec61d68920c00234319ac558f92bded5c8935888ca59626a9761
SHA512

ef33c1546d1197de8043acc72222b4044e8fb12b2af02f35040f90b669a743385bad8ed2b95ca7f94d9bf4a6bcdb9c63169b59664b4cb7a4cb464af4f15c5ad6
SSDEEP

1536:W3neH5Et0Acu0INsJP9pftd06eXt0E+7M26cmv4td2zsN9uC3n24qP:ieH3pFpfH06eXt0G26cm4td2zsN9uC24

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
705e0cc6a490ec61d68920c00234319ac558f92bded5c8935888ca59626a9761

Files

705e0cc6a490ec61d68920c00234319ac558f92bded5c8935888ca59626a9761
.dll windows:6 windows x64 arch:x64

a71e7d44cc36ae334edb7bb2acb12e0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

sdl2

SDL_RWsize
SDL_RWFromFile
SDL_RWseek
SDL_RWread
SDL_RWclose
SDL_RWtell
SDL_MapRGB
SDL_SetPaletteColors
SDL_FreeSurface
SDL_FillRect
SDL_MapRGBA
SDL_CreateRGBSurface
SDL_SetSurfaceBlendMode
SDL_LockSurface
SDL_UnlockSurface
SDL_SetSurfaceAlphaMod
SDL_SetColorKey
SDL_GetError

freetype

FT_Init_FreeType
FT_Done_Glyph
FT_Glyph_To_Bitmap
FT_Matrix_Multiply
FT_Library_Version
FT_Get_Glyph
FT_Vector_Length
FTC_CMapCache_Lookup
FT_Get_Kerning
FT_Outline_Get_CBox
FT_Outline_Embolden
FT_Bitmap_Embolden
FT_MulFix
FT_Vector_Unit
FT_Load_Glyph
FT_Vector_Rotate
FT_Glyph_Transform
FTC_Manager_LookupSize
FTC_Manager_RemoveFaceID
FTC_Manager_New
FT_Open_Face
FTC_CMapCache_New
FTC_Manager_Done
FTC_Manager_LookupFace
FT_Done_FreeType

python39

PyObject_CallMethod
PyMem_Free
PyNumber_Check
PyArg_ParseTupleAndKeywords
PyUnicode_FromEncodedObject
PyExc_TypeError
PyCapsule_Type
PyObject_IsTrue
PyObject_Str
PyTuple_Pack
PyState_FindModule
PyModule_GetState
PyUnicode_FromString
PyObject_Repr
PyNumber_Float
PyArg_ParseTuple
PyMem_Malloc
PyErr_NoMemory
PyBytes_FromStringAndSize
PySequence_Check
_PyObject_CallFunction_SizeT
PyBytes_AsStringAndSize
PyErr_Restore
PyUnicode_AsUCS4Copy
PyExc_UnicodeEncodeError
PyUnicode_GetLength
PyOS_snprintf
PyEval_SaveThread
PyExc_FileNotFoundError
PyEval_RestoreThread
PyExc_RuntimeError
PyNumber_Remainder
PyErr_Occurred
PySequence_GetItem
PyImport_ImportModule
PyModule_AddIntConstant
PyBool_FromLong
PySequence_Size
PyCapsule_New
PyObject_RichCompareBool
PyErr_Clear
PyObject_GetAttrString
PyType_Ready
PyLong_FromLong
PyList_New
PyUnicode_FromFormat
PyLong_AsLong
PyModule_AddObject
PyCapsule_GetPointer
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyFloat_Type
PyBool_Type
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyObject_CallFunction
PyErr_SetString
PyBytes_FromFormat
PyExc_AttributeError
PyFloat_FromDouble
_Py_NoneStruct
PyFloat_AsDouble
PyExc_SystemError
Py_BuildValue
PyModule_Create2

kernel32

RtlCaptureContext
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncpy

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initialize_narrow_environment

Exports

Exports

PyInit__freetype

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a71e7d44cc36ae334edb7bb2acb12e0f

Headers

DLL Characteristics

File Characteristics

Imports

sdl2

freetype

python39

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 3KB - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 16B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 704B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 16B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 704B