PDB path: C:\Users\martin\33\python\PCbuild\python33.pdb
Static task
static1
General
-
Target
python33.dll
-
Size
2.5MB
-
MD5
943fc617654d068d653ade0103dd73ab
-
SHA1
9c658e3db22398a8cb902410943783cd499538f6
-
SHA256
64dfbec6bd41b8114bb1c86cdb53f32459dd62fc689ee617f431807e2caf607e
-
SHA512
e1be54a242f3b0a6f2ff6608412c467d31741c0429f36a7aa8773089c48dd2c9d75903899c5760a2646ff159425bb571e119d42c21b73d0112e8f6705427630b
-
SSDEEP
49152:nAuuQ+bluxfZbeYjhnF+mtrTBFFOanriCT/MItVHnSniMlaP0sMY1f:tuQTlF+mtr7FO+rf5jHSiMlfsH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
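Checks for missing Authenticode signature. This is the only signature listed in this report, and an unsigned PE is a weak indicator by itself: it means the publisher and integrity cannot be confirmed from the file, so provenance has to be established another way, e.g. by comparing the hashes above against a copy obtained from a trusted source.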
resource python33.dll
Files
-
python33.dll.dll windows:5 windows x86 arch:x86
2ff590c68105a101f00f6d873cf01f6c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
SetCurrentDirectoryW
FindClose
FindFirstFileA
FindFirstFileW
GetProcAddress
GetModuleHandleW
GetFileInformationByHandle
CreateFileW
GetFileType
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
CreateHardLinkA
CreateHardLinkW
FindNextFileA
FindNextFileW
GetFullPathNameA
GetFullPathNameW
CreateDirectoryA
CreateDirectoryW
MoveFileExA
MoveFileExW
RemoveDirectoryA
RemoveDirectoryW
DeleteFileW
GetFileAttributesExW
DeleteFileA
SetFileTime
SystemTimeToFileTime
GetSystemTime
CreateFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
OpenProcess
GenerateConsoleCtrlEvent
GetProcessTimes
CreatePipe
GetDiskFreeSpaceExW
GetConsoleScreenBufferInfo
GetStdHandle
SetEvent
CreateEventA
GetSystemTimeAdjustment
GetTickCount
GetVersionExA
GetCurrentDirectoryW
WaitForSingleObject
ResetEvent
GetModuleHandleA
GetOverlappedResult
CancelIo
ConnectNamedPipe
CreateNamedPipeA
CreateProcessW
ExitProcess
GetExitCodeProcess
GetModuleFileNameW
GetVersion
PeekNamedPipe
ReadFile
SetNamedPipeHandleState
WaitNamedPipeA
WaitForMultipleObjects
WriteFile
IsDBCSLeadByteEx
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
LoadLibraryExW
SetErrorMode
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
ReleaseSemaphore
FreeLibrary
FormatMessageW
LocalFree
GetConsoleOutputCP
GetConsoleCP
GetSystemTimeAsFileTime
OutputDebugStringW
HeapFree
GetProcessHeap
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapAlloc
GetCurrentThreadId
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
SetLastError
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
DeviceIoControl
GetCurrentProcess
DuplicateHandle
FlushViewOfFile
SetFilePointer
SetEndOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
GetLastError
UnmapViewOfFile
CloseHandle
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
GetACP
Sleep
GetLocaleInfoA
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentProcessId
user32
CharPrevExA
LoadStringA
advapi32
RegSetValueW
RegSaveKeyW
RegQueryValueExW
RegQueryValueW
RegQueryInfoKeyA
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyW
RegConnectRegistryW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameW
RegSetValueExW
shell32
ShellExecuteW
ShellExecuteA
msvcr100
setlocale
localeconv
free
wcscoll
wcsxfrm
malloc
_finite
_CIexp
_HUGE
_errno
_isnan
_CIsqrt
_copysign
realloc
memset
memcpy
strtol
_time64
tolower
isalnum
isspace
memmove
isdigit
memchr
_CIatan2
_hypot
_CIsin
_CIsinh
_CIcos
_CIcosh
ldexp
_CItan
_CItanh
_gmtime64
_localtime64
_mktime64
ceil
floor
sprintf
modf
raise
signal
_exit
abort
_set_abort_behavior
getenv
_fstat64i32
fputs
fprintf
__iob_func
fclose
fopen
ungetc
getc
strerror
setvbuf
_setmode
wcstok
_wgetenv
_CIfmod
_CIpow
frexp
_CIlog10
acos
asin
atan
cos
cosh
exp
fabs
sin
sinh
sqrt
tan
tanh
_get_osfhandle
_msize
__pioinfo
wcschr
_wenviron
strncmp
wcsncmp
_wcsicmp
wcsrchr
_commit
_wsystem
_spawnv
_spawnve
_cwait
_wopen
_lseeki64
_open_osfhandle
_wputenv
strrchr
clock
strftime
fread
ftell
fseek
strncpy
__control87_2
ferror
fwrite
clearerr
fputc
qsort
wcstombs
wcsncpy
mbstowcs
printf
exit
isalpha
feof
fgets
fflush
isxdigit
_heapmin
_locking
_kbhit
_getch
_getwch
_getche
_getwche
_putch
_putwch
_ungetch
_ungetwch
strtoul
__sys_errlist
__sys_nerr
_wstat64i32
_wfopen
_wgetcwd
putc
_vsnprintf
atoi
rewind
_resetstkoflw
_endthreadex
_beginthreadex
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
strchr
strcmp
_dup
_dup2
_read
_stricmp
_timezone
_tzset
_CIlog
_strdup
_tzname
_daylight
_write
_isatty
_fileno
_lseek
_getcwd
_umask
_execv
_execve
_getpid
_open
_close
_fdopen
Exports
PyAST_Compile
PyAST_CompileEx
PyAST_FromNode
PyAST_Validate
PyArena_AddPyObject
PyArena_Free
PyArena_Malloc
PyArena_New
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_Fini
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Init
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_Fini
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_ClearFreeList
PyCFunction_Fini
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_Addr2Line
PyCode_New
PyCode_NewEmpty
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_XMLCharRefReplaceErrors
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictValues_Type
PyDict_Clear
PyDict_ClearFreeList
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_Fini
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_GetExcInfo
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithUnicodeFilename
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithUnicodeFilename
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetFromWindowsErrWithUnicodeFilename
PyErr_SetImportError
PyErr_SetInterrupt
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_Warn
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetCallStats
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReInitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionErrorInst
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_ClearFreeList
PyFloat_Fini
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_BlockPop
PyFrame_BlockSetup
PyFrame_ClearFreeList
PyFrame_FastToLocals
PyFrame_Fini
PyFrame_GetLineNumber
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_Type
PyFuture_FromAST
PyGC_Collect
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_NeedsFinalizing
PyGen_New
PyGen_Type
PyGetSetDescr_Type
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_Cleanup
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Head
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Next
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_ClearFreeList
PyList_Fini
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicode
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMemberDescr_Type
PyMember_GetOne
PyMember_SetOne
PyMemoryView_FromBuffer
PyMemoryView_FromMemory
PyMemoryView_FromObject
PyMemoryView_GetContiguous
PyMemoryView_Type
PyMethodDescr_Type
PyMethod_ClearFreeList
PyMethod_Fini
PyMethod_Function
PyMethod_New
PyMethod_Self
PyMethod_Type
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddStringConstant
PyModule_Create2
PyModule_GetDef
PyModule_GetDict
PyModule_GetFilename
PyModule_GetFilenameObject
PyModule_GetName
PyModule_GetNameObject
PyModule_GetState
PyModule_New
PyModule_NewObject
PyModule_Type
PyNode_AddChild
PyNode_Compile
PyNode_Free
PyNode_ListTree
PyNode_New
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_Check
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Index
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_ToBase
PyNumber_TrueDivide
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 856KB - Virtual size: 855KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 440KB - Virtual size: 473KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ