f9181cc238932ed985c3f2fd81542e6acd77539996fac1f0fd79ff229fdd0777N

Sharing

Copy URL

Twitter E-mail

General

Target

f9181cc238932ed985c3f2fd81542e6acd77539996fac1f0fd79ff229fdd0777N
Size

19KB
MD5

6eb347cfd04297bc514fdff2899e3f70
SHA1

fabd0ca237382dd62792d876a553689435126e62
SHA256

f9181cc238932ed985c3f2fd81542e6acd77539996fac1f0fd79ff229fdd0777
SHA512

fe84b5bba23a9006df312898a9542f72bf2d90af7e8719da61c1a3ba25c09a213b3abddabe5c05f3a9bf6d6c45a183acdeca80d7261ff1c5bc774274b7773b5d
SSDEEP

384:Uvdoac3MeUgnWF8Iv6LKa8/m1gLh1RgtG11g+sqea7GAuhx5t42Q:qoaGMeUgn9Iv62vu1APRgtG11repk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9181cc238932ed985c3f2fd81542e6acd77539996fac1f0fd79ff229fdd0777N

Files

f9181cc238932ed985c3f2fd81542e6acd77539996fac1f0fd79ff229fdd0777N
.dll windows:6 windows x86 arch:x86

3bab686e5d3679f2e817541366506787

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\src\pywin32\build\temp.win32-3.8\Release\win32clipboard.pdb

Imports

gdi32

GetEnhMetaFileBits
GetMetaFileBitsEx

user32

GetClipboardOwner
SetClipboardViewer
GetClipboardViewer
ChangeClipboardChain
SetClipboardData
GetClipboardData
RegisterClipboardFormatW
CloseClipboard
EnumClipboardFormats
GetClipboardFormatNameW
EmptyClipboard
IsClipboardFormatAvailable
GetPriorityClipboardFormat
GetOpenClipboardWindow
CountClipboardFormats
OpenClipboard

shell32

DragQueryFileW

python38

PyEval_SaveThread
PyBytes_FromStringAndSize
PyUnicode_FromWideChar
PyUnicode_AsUnicode
PyLong_FromLong
PyTuple_New
PyTuple_SetItem
PyDict_SetItemString
PyModule_GetDict
PyErr_SetString
PyErr_Clear
PyExc_ValueError
PyExc_TypeError
PyExc_RuntimeError
_Py_TrueStruct
_Py_NoneStruct
PyObject_AsReadBuffer
PyEval_RestoreThread
PyErr_NoMemory
PyModule_Create2
PyModule_AddIntConstant
_Py_BuildValue_SizeT
_PyArg_ParseTuple_SizeT
PyErr_Format
_Py_Dealloc

pywintypes38

?PyWin_SetAPIError@@YAPAU_object@@PADJ@Z
?PyWinObject_AsWCHAR@@YAHPAU_object@@PAPA_WHPAK@Z
?PyWinObject_FreeWCHAR@@YAXPA_W@Z
?PyWinObject_AsString@@YAHPAU_object@@PAPADHPAK@Z
?PyWinObject_FromOLECHAR@@YAPAU_object@@PB_W@Z
?PyWinObject_AsDWORDArray@@YAHPAU_object@@PAPAKPAKH@Z
?PyWinObject_AsHANDLE@@YAHPAU_object@@PAPAX@Z
?PyWinLong_FromHANDLE@@YAPAU_object@@PAX@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinExc_ApiError@@3PAU_object@@A
?PyWinObject_FreeString@@YAXPAD@Z

kernel32

GlobalLock
GlobalSize
GlobalAlloc
GetProcAddress
FreeLibrary
GetLastError
LoadLibraryW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GlobalUnlock

vcruntime140

__std_type_info_destroy_list
__telemetry_main_return_trigger
memcpy
memset
__telemetry_main_invoke_trigger
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_cexit
terminate
_crt_at_quick_exit
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_initterm

Exports

Exports

PyInit_win32clipboard

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bab686e5d3679f2e817541366506787

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

user32

shell32

python38

pywintypes38

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 28B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 28B

.reloc
Size: 1KB - Virtual size: 1KB