af4c406e9ed0b2ff310c3810ee695c50N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

af4c406e9ed0b2ff310c3810ee695c50N.exe
Size

20KB
MD5

af4c406e9ed0b2ff310c3810ee695c50
SHA1

85fef4577e9a830ccf219fdaea5b3fe5018515b5
SHA256

05fe5530ae9d52151c262c6fba2941f673c177ab8b8ed7f792ca6307ab0b2f86
SHA512

c68482fb723290ec6c1039e919958eaa7916299c5bc625766e3e75b28177e42834355c50ccd4f8c4793dd89d53a411ea7db9f9d0ea8c07ad74529d2c3da2d18f
SSDEEP

384:h+VEcDDjG4sh9Jxt1jpZ/qfxJC6GYLl1k2eq54rr44444444444r4444SG7JSz:h+5DjA99HZ/qfxJCTYgK54rr4444444M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af4c406e9ed0b2ff310c3810ee695c50N.exe

Files

af4c406e9ed0b2ff310c3810ee695c50N.exe
.dll windows:4 windows x64 arch:x64

b6783b34d27c47ba1facc4f9411660e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libpython3.9

PyDict_New
PyDict_SetItemString
PyErr_NoMemory
PyLong_FromLong
PyLong_FromSsize_t
PyModule_AddObject
PyModule_Create2
PyThreadState_Get
PyUnicode_FromWideChar
_Py_Dealloc
_Py_GetConfigsAsDict
_Py_NoneStruct
_Py_hashtable_clear
_Py_hashtable_compare_direct
_Py_hashtable_destroy
_Py_hashtable_foreach
_Py_hashtable_get
_Py_hashtable_new
_Py_hashtable_set
_Py_hashtable_steal

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_assert
_initterm
_lock
_unlock
abort
calloc
free
fwrite
memcpy
realloc
strlen
strncmp
vfprintf

Exports

Exports

PyInit__testinternalcapi

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6783b34d27c47ba1facc4f9411660e4

Headers

DLL Characteristics

File Characteristics

Imports

libpython3.9

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 416B

.rdata Size: 3KB - Virtual size: 2KB

.eh_fram Size: 512B - Virtual size: 4B

.pdata Size: 1024B - Virtual size: 612B

.xdata Size: 1024B - Virtual size: 552B

.bss Size: - Virtual size: 352B

.edata Size: 512B - Virtual size: 115B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 116B

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 416B

.rdata
Size: 3KB - Virtual size: 2KB

.eh_fram
Size: 512B - Virtual size: 4B

.pdata
Size: 1024B - Virtual size: 612B

.xdata
Size: 1024B - Virtual size: 552B

.bss
Size: - Virtual size: 352B

.edata
Size: 512B - Virtual size: 115B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 116B