81a675c86157aaa46b23509a9a912e9fe2efecfa26225ce1b465009350d79d00

Sharing

Copy URL

Twitter E-mail

General

Target

81a675c86157aaa46b23509a9a912e9fe2efecfa26225ce1b465009350d79d00
Size

3.2MB
MD5

97821e20d72a21ff20df065838e21aed
SHA1

24acbc80655fc63ed5f83d539d52b672ec7e3426
SHA256

81a675c86157aaa46b23509a9a912e9fe2efecfa26225ce1b465009350d79d00
SHA512

b4481bfcf846200e95b2052a0dbebfcf7eeee353e85f31d6ef5a79c7afebe7de6e6d3ff1821a059192b3da68482326c3f7b46dd261b28dbc9fc2282ffb956b93
SSDEEP

49152:MnKDOCtPCcr4+WknINZa3k/lMGt6CC5D03CgKQef:UKay4JiD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81a675c86157aaa46b23509a9a912e9fe2efecfa26225ce1b465009350d79d00

Files

81a675c86157aaa46b23509a9a912e9fe2efecfa26225ce1b465009350d79d00
.dll windows:6 windows x64 arch:x64

f11b5d0091a17e56c614145fc714ad10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

spl_transpiler.pdb

Imports

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

bcryptprimitives

ProcessPrng

python37

PyErr_SetObject
PyExc_IndexError
PyType_IsSubtype
_Py_NotImplementedStruct
PyType_FromSpec
PyObject_Call
PyImport_Import
PySequence_Check
PySequence_Size
PyDict_Next
PyObject_CallObject
PyObject_GC_UnTrack
PyLong_FromLongLong
PyLong_FromUnsignedLongLong
PyType_GenericAlloc
PyObject_GenericSetDict
PyObject_GenericGetDict
PyMem_Malloc
PyObject_Free
PyTuple_New
PyDict_SetItem
PyErr_SetString
PyObject_SetAttr
PyObject_GetAttr
PyLong_AsUnsignedLongLong
PyLong_AsLongLong
PyNumber_Index
PyFloat_AsDouble
PyFloat_Type
PyBaseObject_Type
PyErr_Print
PyGILState_Release
PyException_SetCause
PyException_GetTraceback
_Py_NoneStruct
PyException_GetCause
PyErr_NewExceptionWithDoc
PyErr_PrintEx
PyErr_Fetch
PyException_SetTraceback
PyExc_TypeError
PyExc_ValueError
PyExc_RuntimeError
PyBytes_Size
PyErr_NormalizeException
PyDict_New
PyModule_New
PyBytes_AsString
PyUnicode_AsEncodedString
PyUnicode_AsUTF8AndSize
PyModule_GetNameObject
PyList_New
PyErr_GivenExceptionMatches
PyExc_AttributeError
PyIter_Next
PyDict_Size
PyObject_GetIter
_Py_Dealloc
PyModule_Create2
PyExc_BaseException
_Py_TrueStruct
PyBool_Type
PyObject_DelItem
PyObject_SetItem
PyObject_GetItem
PyLong_FromSsize_t
PyObject_SetAttrString
PyEval_SaveThread
Py_InitializeEx
Py_IsInitialized
PyUnicode_InternInPlace
PyList_Append
PyExc_ImportError
PyErr_WriteUnraisable
PyErr_Restore
PyUnicode_FromStringAndSize
PyExc_SystemError
PyObject_Str
PyObject_Repr
PyGILState_Ensure
PyCFunction_NewEx
_Py_FalseStruct

kernel32

IsProcessorFeaturePresent
HeapReAlloc
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetModuleHandleW
FormatMessageW
lstrlenW
GetProcessHeap
HeapAlloc
GetStdHandle
WideCharToMultiByte
ReleaseMutex
CreateMutexA
GetCurrentProcessId
GetCurrentProcess
GetProcAddress
LoadLibraryA
WaitForSingleObjectEx
WriteConsoleW
MultiByteToWideChar
CloseHandle
WaitForSingleObject
GetConsoleMode
HeapFree

ntdll

NtWriteFile
RtlNtStatusToDosError

vcruntime140

__CxxFrameHandler3
memcmp
memmove
memset
_CxxThrowException
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

PyInit_spl_transpiler

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 749KB - Virtual size: 749KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f11b5d0091a17e56c614145fc714ad10

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-2-0

bcryptprimitives

python37

kernel32

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 749KB - Virtual size: 749KB

.data Size: 14KB - Virtual size: 14KB

.pdata Size: 140KB - Virtual size: 140KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 749KB - Virtual size: 749KB

.data
Size: 14KB - Virtual size: 14KB

.pdata
Size: 140KB - Virtual size: 140KB

.reloc
Size: 9KB - Virtual size: 9KB