503f9ebea76eda0c26494aa927b5a6b4bb05fbbfb95fed20abed61e2e29edc9f

Sharing

Copy URL Twitter E-mail

General

Target

503f9ebea76eda0c26494aa927b5a6b4bb05fbbfb95fed20abed61e2e29edc9f
Size

263KB
MD5

9cd6a33e39758ea977881a7a5165e21f
SHA1

65e75457ea1256f4a8484efa84b30a5d4a2f01d7
SHA256

503f9ebea76eda0c26494aa927b5a6b4bb05fbbfb95fed20abed61e2e29edc9f
SHA512

40401161bd2ff33a16a5e156bbc99a678021faa6b8dc02790149eee68dd5919a2c270c5eddba9ea09a37138ea74b5d3c6e6c5f6da9a5aa464e6e0fa7b5f93644
SSDEEP

3072:DQmY1RZ1yIykorur1H4goO0110PcZRa4vlu3JOXQm63tjoFsWuBc+vGY0WW0hgWA:MrEtRrxoF33tjoFZy70WW0hgWz72R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
503f9ebea76eda0c26494aa927b5a6b4bb05fbbfb95fed20abed61e2e29edc9f

Files

503f9ebea76eda0c26494aa927b5a6b4bb05fbbfb95fed20abed61e2e29edc9f
.dll windows:4 windows x86 arch:x86

b68dd92ee3e8a5b62699aadf035128a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_assert
_errno
_iob
abort
calloc
fflush
free
fwrite
malloc
memcpy
memset
printf
strcmp
strcpy
strlen
strncmp
strncpy
strstr
vfprintf

python37

PyArg_UnpackTuple
PyBool_FromLong
PyBytes_AsStringAndSize
PyBytes_FromStringAndSize
PyCFunction_NewEx
PyCFunction_Type
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_New
PyDict_GetItem
PyDict_New
PyDict_SetItem
PyDict_SetItemString
PyErr_Clear
PyErr_Fetch
PyErr_Format
PyErr_GivenExceptionMatches
PyErr_Occurred
PyErr_Restore
PyErr_SetObject
PyErr_SetString
PyErr_WriteUnraisable
PyExc_AttributeError
PyExc_IOError
PyExc_IndexError
PyExc_MemoryError
PyExc_OverflowError
PyExc_RuntimeError
PyExc_SyntaxError
PyExc_SystemError
PyExc_TypeError
PyExc_ValueError
PyExc_ZeroDivisionError
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_Type
PyImport_AddModule
PyInstanceMethod_New
PyList_Append
PyList_New
PyList_SetItem
PyLong_AsDouble
PyLong_AsLong
PyLong_AsUnsignedLong
PyLong_FromLong
PyLong_FromSize_t
PyLong_FromUnsignedLong
PyLong_FromVoidPtr
PyModule_AddObject
PyModule_Create2
PyModule_GetDict
PyOS_snprintf
PyObject_Call
PyObject_CallFunction
PyObject_Free
PyObject_GenericGetAttr
PyObject_GetAttr
PyObject_GetAttrString
PyObject_Init
PyObject_IsInstance
PyObject_IsTrue
PyObject_Malloc
PyObject_SetAttr
PyObject_Str
PyStaticMethod_New
PyTuple_New
PyTuple_SetItem
PyType_IsSubtype
PyType_Ready
PyType_Type
PyUnicode_AsUTF8String
PyUnicode_Concat
PyUnicode_DecodeUTF8
PyUnicode_Format
PyUnicode_FromFormat
PyUnicode_FromString
PyUnicode_InternFromString
Py_DecRef
_PyObject_New
_Py_NoneStruct
_Py_NotImplementedStruct

libftdi1

ftdi_deinit
ftdi_disable_bitbang
ftdi_eeprom_build
ftdi_eeprom_decode
ftdi_eeprom_get_strings
ftdi_eeprom_initdefaults
ftdi_eeprom_set_strings
ftdi_erase_eeprom
ftdi_free
ftdi_get_eeprom_buf
ftdi_get_eeprom_value
ftdi_get_error_string
ftdi_get_latency_timer
ftdi_get_library_version
ftdi_init
ftdi_list_free
ftdi_list_free2
ftdi_new
ftdi_poll_modem_status
ftdi_read_chipid
ftdi_read_data
ftdi_read_data_get_chunksize
ftdi_read_data_set_chunksize
ftdi_read_data_submit
ftdi_read_eeprom
ftdi_read_eeprom_location
ftdi_read_pins
ftdi_readstream
ftdi_set_baudrate
ftdi_set_bitmode
ftdi_set_eeprom_buf
ftdi_set_eeprom_user_data
ftdi_set_eeprom_value
ftdi_set_error_char
ftdi_set_event_char
ftdi_set_interface
ftdi_set_latency_timer
ftdi_set_line_property
ftdi_set_line_property2
ftdi_set_usbdev
ftdi_setdtr
ftdi_setdtr_rts
ftdi_setflowctrl
ftdi_setrts
ftdi_transfer_data_cancel
ftdi_transfer_data_done
ftdi_usb_close
ftdi_usb_find_all
ftdi_usb_get_strings
ftdi_usb_get_strings2
ftdi_usb_open
ftdi_usb_open_bus_addr
ftdi_usb_open_desc
ftdi_usb_open_desc_index
ftdi_usb_open_dev
ftdi_usb_open_string
ftdi_usb_purge_buffers
ftdi_usb_purge_rx_buffer
ftdi_usb_purge_tx_buffer
ftdi_usb_reset
ftdi_write_data
ftdi_write_data_get_chunksize
ftdi_write_data_set_chunksize
ftdi_write_data_submit
ftdi_write_eeprom
ftdi_write_eeprom_location

Exports

Exports

PyInit__ftdi1

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1012B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b68dd92ee3e8a5b62699aadf035128a7

Headers

File Characteristics

Imports

kernel32

msvcrt

python37

libftdi1

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.data Size: 6KB - Virtual size: 6KB

.rdata Size: 61KB - Virtual size: 60KB

/4 Size: 14KB - Virtual size: 13KB

.bss Size: - Virtual size: 1012B

.edata Size: 512B - Virtual size: 75B

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 104KB - Virtual size: 103KB

.data
Size: 6KB - Virtual size: 6KB

.rdata
Size: 61KB - Virtual size: 60KB

/4
Size: 14KB - Virtual size: 13KB

.bss
Size: - Virtual size: 1012B

.edata
Size: 512B - Virtual size: 75B

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 6KB - Virtual size: 5KB