6340c5ad174206f96a088b2db5c196dc49f076c9342479b3413715c242f22dee[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

6340c5ad174206f96a088b2db5c196dc49f076c9342479b3413715c242f22dee.exe
Size

206KB
MD5

eb33cd0757479281f9d378cdbb0c56cd
SHA1

843f371f3de7e4053f7a1250288349a047f6d652
SHA256

6340c5ad174206f96a088b2db5c196dc49f076c9342479b3413715c242f22dee
SHA512

9aa355c7cefe9cee3c8dcc814e509e94033b41042b801d13cef2cf0ba70341a5d00aeacc7d1300f566270cc40d69237c36bbd539127a9b71e78ce16af466a0c4
SSDEEP

3072:aNLUkBvFn7EPUHn6TPDRhrzPx5jxFae5Nwtgn9W6BTUWDc1DP/HWb0TM6o:o7BtnKUaTnDjxDbwsWMgDPfu01o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6340c5ad174206f96a088b2db5c196dc49f076c9342479b3413715c242f22dee.exe

Files

6340c5ad174206f96a088b2db5c196dc49f076c9342479b3413715c242f22dee.exe
.dll windows:6 windows x86 arch:x86

b9f39c61764951a0d9d409c0b559f6e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

is_bimodal.pdb

Imports

api-ms-win-core-synch-l1-2-0

WakeByAddressAll
WaitOnAddress
WakeByAddressSingle

python312

PyException_SetTraceback
PyErr_PrintEx
PyErr_NewExceptionWithDoc
PyException_GetCause
PyErr_Print
PyList_Append
PyModule_Create2
PyExc_BaseException
PyCMethod_New
PyFloat_FromDouble
PyObject_SetAttr
PyObject_GetAttr
PyErr_SetObject
PyErr_GetRaisedException
PyException_GetTraceback
PyErr_SetString
PyType_GetQualName
PyUnicode_AsEncodedString
PyModule_GetNameObject
PyList_New
PyErr_GivenExceptionMatches
PyExc_AttributeError
PyIter_Next
PyErr_WriteUnraisable
PyErr_SetRaisedException
PyObject_Str
PyObject_Repr
PyType_GetName
PyException_SetCause
PyBytes_Size
PyBytes_AsString
PyLong_AsUnsignedLongLong
PyNumber_Index
PyObject_GetIter
PyInterpreterState_GetID
PyInterpreterState_Get
PyGILState_Release
PyGILState_Ensure
PyExc_OverflowError
PyExc_ImportError
Py_IsInitialized
PyUnicode_InternInPlace
_Py_NoneStruct
PyTuple_New
PyUnicode_AsUTF8AndSize
PyUnicode_FromStringAndSize
_Py_Dealloc
PySequence_Size
PySequence_Check
PyExc_SystemError
_Py_FalseStruct
_Py_TrueStruct
PyExc_TypeError

kernel32

IsProcessorFeaturePresent
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentThread
WaitForSingleObject
QueryPerformanceCounter
GetCurrentProcess
RtlCaptureContext
GetProcAddress
ReleaseMutex
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
GetStdHandle
GetCurrentProcessId
TerminateProcess
HeapFree
HeapReAlloc
WaitForSingleObjectEx
LoadLibraryA
lstrlenW
CreateMutexA
HeapAlloc
GetProcessHeap
WideCharToMultiByte
WriteConsoleW
MultiByteToWideChar
FormatMessageW
GetModuleHandleW
GetConsoleMode
CloseHandle

ntdll

RtlNtStatusToDosError
NtWriteFile

vcruntime140

_except_handler4_common
_CxxThrowException
memset
__std_type_info_destroy_list
memcmp
memcpy
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_cexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

PyInit_is_bimodal

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9f39c61764951a0d9d409c0b559f6e4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-2-0

python312

kernel32

ntdll

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 156KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 157KB - Virtual size: 156KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB