General
Structural Analysis
Config.0
Yara Rules99+
Sync
Community
Infection Chain
Summary by MalvaGPT
Characteristics
|
Hash | Hash Value |
|---|---|
| MD5 | 87d5fbaa3cd647071c51df0e07443c6f
|
| Sha1 | edee2c23114158fce48124a01db9c53f7a228a79
|
| Sha256 | 35f3ee553626b2267e4a8f35dce5b40840e5a461f13652bd2659681c31068805
|
| Sha384 | ded42c97d11da91f0b2e224e0a2590edd93020bfbb4055721c164354bd72331a0b0cda694cef31767a9a13f3997e98d0
|
| Sha512 | a53c7118b84c6f83ade698990b26adafb3dfe1d60b86d5cd3c29049839f843b5ca4e5b8a2d0f933aa205eaaa1de13fca1a778e54bbec61b771b3af8bc360ee58
|
| SSDeep | 393216:rIG6qcMK405dsuJTGHmVN+nO0NrN1IG6+ckj405dsOJTGHmVNwffnG0NrN:rlcMK40IsUO0lnlAkj40IM0/G0l
|
| TLSH | 88472310EB605029F8FB22F756FD956D992CEEF0275450CF42C565ED8A2A6E03E3231B
|
PeID
Microsoft Visual C++ 6.0 DLL (Debug)
Microsoft Visual C++ 7.0 - 8.0
Microsoft Visual C++ 8.0
Microsoft Visual C++ 8.0
Microsoft Visual C++ v6.0 DLL
File Structure
87d5fbaa3cd647071c51df0e07443c6f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.textbss
.text
.rdata
.data
.idata
.msvcjmc
.00cfg
.rsrc
.reloc
Resources
Malicious
RT_RCDATA
Malicious
ID:0065
Malicious
ID:1033
Malicious
[Authenticode]_dc9463d8.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
[Authenticode]_470bca30.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_fe5e330b.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_5ad19cbf.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ae9dc623.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
_multiprocessing.pyd
[Authenticode]_5100547e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_4e4ad4e1.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_8c55fa10.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ac739641.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_a642122a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_34b4bca7.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_e0a43885.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_daacf6b0.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
file.pdf
[Authenticode]_d5d5b6aa.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.idata
.00cfg
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_b7239277.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
[Authenticode]_4f659275.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.idata
.00cfg
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
LICENSE.txt
[Authenticode]_949d9453.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
python.cat
[Authenticode]_0f61661e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
[Authenticode]_872a2dec.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.rdata
.rsrc
Resources
RT_VERSION
ID:0001
ID:1033
python311._pth
[Authenticode]_64fd45cb.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
PyRuntim
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
abc.pyc
aifc.pyc
antigravity.pyc
argparse.pyc
ast.pyc
asynchat.pyc
asyncore.pyc
base64.pyc
bdb.pyc
bisect.pyc
bz2.pyc
calendar.pyc
cgi.pyc
cgitb.pyc
chunk.pyc
cmd.pyc
code.pyc
codecs.pyc
codeop.pyc
colorsys.pyc
compileall.pyc
configparser.pyc
contextlib.pyc
contextvars.pyc
copy.pyc
copyreg.pyc
cProfile.pyc
crypt.pyc
csv.pyc
dataclasses.pyc
datetime.pyc
decimal.pyc
difflib.pyc
dis.pyc
doctest.pyc
enum.pyc
filecmp.pyc
fileinput.pyc
fnmatch.pyc
fractions.pyc
ftplib.pyc
functools.pyc
genericpath.pyc
getopt.pyc
getpass.pyc
gettext.pyc
glob.pyc
graphlib.pyc
gzip.pyc
hashlib.pyc
heapq.pyc
hmac.pyc
imaplib.pyc
imghdr.pyc
imp.pyc
inspect.pyc
io.pyc
ipaddress.pyc
keyword.pyc
linecache.pyc
locale.pyc
lzma.pyc
mailbox.pyc
mailcap.pyc
mimetypes.pyc
modulefinder.pyc
netrc.pyc
nntplib.pyc
ntpath.pyc
nturl2path.pyc
numbers.pyc
opcode.pyc
operator.pyc
optparse.pyc
os.pyc
pathlib.pyc
pdb.pyc
pickle.pyc
pickletools.pyc
pipes.pyc
pkgutil.pyc
platform.pyc
plistlib.pyc
poplib.pyc
posixpath.pyc
pprint.pyc
profile.pyc
pstats.pyc
pty.pyc
pyclbr.pyc
pydoc.pyc
py_compile.pyc
queue.pyc
quopri.pyc
random.pyc
reprlib.pyc
rlcompleter.pyc
runpy.pyc
sched.pyc
secrets.pyc
selectors.pyc
shelve.pyc
shlex.pyc
shutil.pyc
signal.pyc
site.pyc
smtpd.pyc
smtplib.pyc
sndhdr.pyc
socket.pyc
socketserver.pyc
sre_compile.pyc
sre_constants.pyc
sre_parse.pyc
ssl.pyc
stat.pyc
statistics.pyc
string.pyc
stringprep.pyc
struct.pyc
subprocess.pyc
sunau.pyc
symtable.pyc
sysconfig.pyc
tabnanny.pyc
tarfile.pyc
telnetlib.pyc
tempfile.pyc
textwrap.pyc
this.pyc
threading.pyc
timeit.pyc
token.pyc
tokenize.pyc
trace.pyc
traceback.pyc
tracemalloc.pyc
tty.pyc
types.pyc
typing.pyc
uu.pyc
uuid.pyc
warnings.pyc
wave.pyc
weakref.pyc
webbrowser.pyc
xdrlib.pyc
zipapp.pyc
zipfile.pyc
zipimport.pyc
_aix_support.pyc
_bootsubprocess.pyc
_collections_abc.pyc
_compat_pickle.pyc
_compression.pyc
_markupbase.pyc
_osx_support.pyc
_pydecimal.pyc
_pyio.pyc
_py_abc.pyc
_sitebuiltins.pyc
_strptime.pyc
_threading_local.pyc
_weakrefset.pyc
__future__.pyc
__hello__.pyc
asyncio
base_events.pyc
base_futures.pyc
base_subprocess.pyc
base_tasks.pyc
constants.pyc
coroutines.pyc
events.pyc
exceptions.pyc
format_helpers.pyc
futures.pyc
locks.pyc
log.pyc
mixins.pyc
proactor_events.pyc
protocols.pyc
queues.pyc
runners.pyc
selector_events.pyc
sslproto.pyc
staggered.pyc
streams.pyc
subprocess.pyc
taskgroups.pyc
tasks.pyc
threads.pyc
timeouts.pyc
transports.pyc
trsock.pyc
unix_events.pyc
windows_events.pyc
windows_utils.pyc
__init__.pyc
__main__.pyc
collections
abc.pyc
__init__.pyc
concurrent
__init__.pyc
futures
ctypes
util.pyc
wintypes.pyc
_aix.pyc
_endian.pyc
__init__.pyc
macholib
dyld.pyc
dylib.pyc
fetch_macholib
fetch_macholib.bat
framework.pyc
README.ctypes
__init__.pyc
curses
ascii.pyc
has_key.pyc
panel.pyc
textpad.pyc
__init__.pyc
dbm
distutils
archive_util.pyc
bcppcompiler.pyc
ccompiler.pyc
cmd.pyc
config.pyc
core.pyc
cygwinccompiler.pyc
debug.pyc
dep_util.pyc
dir_util.pyc
dist.pyc
errors.pyc
extension.pyc
fancy_getopt.pyc
filelist.pyc
file_util.pyc
log.pyc
msvc9compiler.pyc
msvccompiler.pyc
README
spawn.pyc
sysconfig.pyc
text_file.pyc
unixccompiler.pyc
util.pyc
version.pyc
versionpredicate.pyc
_msvccompiler.pyc
__init__.pyc
command
bdist.pyc
bdist_dumb.pyc
bdist_rpm.pyc
build.pyc
build_clib.pyc
build_ext.pyc
build_py.pyc
build_scripts.pyc
check.pyc
clean.pyc
command_template
config.pyc
install.pyc
install_data.pyc
install_egg_info.pyc
install_headers.pyc
install_lib.pyc
install_scripts.pyc
register.pyc
sdist.pyc
upload.pyc
__init__.pyc
email
architecture.rst
base64mime.pyc
charset.pyc
contentmanager.pyc
encoders.pyc
errors.pyc
feedparser.pyc
generator.pyc
header.pyc
headerregistry.pyc
iterators.pyc
message.pyc
parser.pyc
policy.pyc
quoprimime.pyc
utils.pyc
_encoded_words.pyc
_header_value_parser.pyc
_parseaddr.pyc
_policybase.pyc
__init__.pyc
mime
application.pyc
audio.pyc
base.pyc
image.pyc
message.pyc
multipart.pyc
nonmultipart.pyc
text.pyc
__init__.pyc
encodings
aliases.pyc
ascii.pyc
base64_codec.pyc
big5.pyc
big5hkscs.pyc
bz2_codec.pyc
charmap.pyc
cp037.pyc
cp1006.pyc
cp1026.pyc
cp1125.pyc
cp1140.pyc
cp1250.pyc
cp1251.pyc
cp1252.pyc
cp1253.pyc
cp1254.pyc
cp1255.pyc
cp1256.pyc
cp1257.pyc
cp1258.pyc
cp273.pyc
cp424.pyc
cp437.pyc
cp500.pyc
cp720.pyc
cp737.pyc
cp775.pyc
cp850.pyc
cp852.pyc
cp855.pyc
cp856.pyc
cp857.pyc
cp858.pyc
cp860.pyc
cp861.pyc
cp862.pyc
cp863.pyc
cp864.pyc
cp865.pyc
cp866.pyc
cp869.pyc
cp874.pyc
cp875.pyc
cp932.pyc
cp949.pyc
cp950.pyc
euc_jisx0213.pyc
euc_jis_2004.pyc
euc_jp.pyc
euc_kr.pyc
gb18030.pyc
gb2312.pyc
gbk.pyc
hex_codec.pyc
hp_roman8.pyc
hz.pyc
idna.pyc
iso2022_jp.pyc
iso2022_jp_1.pyc
iso2022_jp_2.pyc
iso2022_jp_2004.pyc
iso2022_jp_3.pyc
iso2022_jp_ext.pyc
iso2022_kr.pyc
iso8859_1.pyc
iso8859_10.pyc
iso8859_11.pyc
iso8859_13.pyc
iso8859_14.pyc
iso8859_15.pyc
iso8859_16.pyc
iso8859_2.pyc
iso8859_3.pyc
iso8859_4.pyc
iso8859_5.pyc
iso8859_6.pyc
iso8859_7.pyc
iso8859_8.pyc
iso8859_9.pyc
johab.pyc
koi8_r.pyc
koi8_t.pyc
koi8_u.pyc
kz1048.pyc
latin_1.pyc
mac_arabic.pyc
mac_croatian.pyc
mac_cyrillic.pyc
mac_farsi.pyc
mac_greek.pyc
mac_iceland.pyc
mac_latin2.pyc
mac_roman.pyc
mac_romanian.pyc
mac_turkish.pyc
mbcs.pyc
oem.pyc
palmos.pyc
ptcp154.pyc
punycode.pyc
quopri_codec.pyc
raw_unicode_escape.pyc
rot_13.pyc
shift_jis.pyc
shift_jisx0213.pyc
shift_jis_2004.pyc
tis_620.pyc
undefined.pyc
unicode_escape.pyc
utf_16.pyc
utf_16_be.pyc
utf_16_le.pyc
utf_32.pyc
utf_32_be.pyc
utf_32_le.pyc
utf_7.pyc
utf_8.pyc
utf_8_sig.pyc
uu_codec.pyc
zlib_codec.pyc
__init__.pyc
html
http
client.pyc
cookiejar.pyc
server.pyc
__init__.pyc
importlib
abc.pyc
machinery.pyc
readers.pyc
simple.pyc
util.pyc
_abc.pyc
_bootstrap.pyc
_bootstrap_external.pyc
__init__.pyc
metadata
_adapters.pyc
_collections.pyc
_functools.pyc
_itertools.pyc
_meta.pyc
_text.pyc
__init__.pyc
resources
abc.pyc
readers.pyc
simple.pyc
_adapters.pyc
_common.pyc
_itertools.pyc
_legacy.pyc
__init__.pyc
json
decoder.pyc
encoder.pyc
scanner.pyc
tool.pyc
__init__.pyc
lib2to3
btm_matcher.pyc
btm_utils.pyc
fixer_base.pyc
fixer_util.pyc
Grammar3.11.9.final.0.pickle
Grammar.txt
main.pyc
patcomp.pyc
PatternGrammar3.11.9.final.0.pickle
PatternGrammar.txt
pygram.pyc
pytree.pyc
refactor.pyc
__init__.pyc
__main__.pyc
fixes
fix_apply.pyc
fix_asserts.pyc
fix_basestring.pyc
fix_buffer.pyc
fix_dict.pyc
fix_except.pyc
fix_exec.pyc
fix_execfile.pyc
fix_exitfunc.pyc
fix_filter.pyc
fix_funcattrs.pyc
fix_future.pyc
fix_getcwdu.pyc
fix_has_key.pyc
fix_idioms.pyc
fix_import.pyc
fix_imports.pyc
fix_imports2.pyc
fix_input.pyc
fix_intern.pyc
fix_isinstance.pyc
fix_itertools.pyc
fix_itertools_imports.pyc
fix_long.pyc
fix_map.pyc
fix_metaclass.pyc
fix_methodattrs.pyc
fix_ne.pyc
fix_next.pyc
fix_nonzero.pyc
fix_numliterals.pyc
fix_operator.pyc
fix_paren.pyc
fix_print.pyc
fix_raise.pyc
fix_raw_input.pyc
fix_reduce.pyc
fix_reload.pyc
fix_renames.pyc
fix_repr.pyc
fix_set_literal.pyc
fix_standarderror.pyc
fix_sys_exc.pyc
fix_throw.pyc
fix_tuple_params.pyc
fix_types.pyc
fix_unicode.pyc
fix_urllib.pyc
fix_ws_comma.pyc
fix_xrange.pyc
fix_xreadlines.pyc
fix_zip.pyc
__init__.pyc
pgen2
conv.pyc
driver.pyc
grammar.pyc
literals.pyc
parse.pyc
pgen.pyc
token.pyc
tokenize.pyc
__init__.pyc
logging
msilib
multiprocessing
connection.pyc
context.pyc
forkserver.pyc
heap.pyc
managers.pyc
pool.pyc
popen_fork.pyc
popen_forkserver.pyc
popen_spawn_posix.pyc
popen_spawn_win32.pyc
process.pyc
queues.pyc
reduction.pyc
resource_sharer.pyc
resource_tracker.pyc
sharedctypes.pyc
shared_memory.pyc
spawn.pyc
synchronize.pyc
util.pyc
__init__.pyc
dummy
connection.pyc
__init__.pyc
pydoc_data
re
_casefix.pyc
_compiler.pyc
_constants.pyc
_parser.pyc
__init__.pyc
site-packages
README.txt
sqlite3
tomllib
unittest
async_case.pyc
case.pyc
loader.pyc
main.pyc
mock.pyc
result.pyc
runner.pyc
signals.pyc
suite.pyc
util.pyc
_log.pyc
__init__.pyc
__main__.pyc
urllib
error.pyc
parse.pyc
request.pyc
response.pyc
robotparser.pyc
__init__.pyc
wsgiref
handlers.pyc
headers.pyc
simple_server.pyc
types.pyc
util.pyc
validate.pyc
__init__.pyc
xml
__init__.pyc
dom
domreg.pyc
expatbuilder.pyc
minicompat.pyc
minidom.pyc
NodeFilter.pyc
pulldom.pyc
xmlbuilder.pyc
__init__.pyc
etree
cElementTree.pyc
ElementInclude.pyc
ElementPath.pyc
ElementTree.pyc
__init__.pyc
parsers
expat.pyc
__init__.pyc
sax
expatreader.pyc
handler.pyc
saxutils.pyc
xmlreader.pyc
_exceptions.pyc
__init__.pyc
xmlrpc
zoneinfo
_common.pyc
_tzpath.pyc
_zoneinfo.pyc
__init__.pyc
__phello__
[Authenticode]_d1af6652.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
run.py
[Authenticode]_e2fcc9e6.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_b00d8656.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_d877739c.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_1cb440e6.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.idata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ae93b9bf.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
macOS
Malicious
Security.bin
[Authenticode]_3617576c.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_4d51ee45.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_29b30463.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: C:\Users\Admin\Documents\bot\TMT\DLL CU\DLL CU\Debug\oledlg.pdb |
| file.pdf | 1.3 |
| file.pdf | anonymous |
| file.pdf | D:20250716171346+00'00' |
| file.pdf | ReportLab PDF Library - www.reportlab.com |
| file.pdf | |
| file.pdf | D:20250716171346+00'00' |
| file.pdf | unspecified |
| file.pdf | untitled |
| file.pdf | ReportLab PDF Library - www.reportlab.com |
| file.pdf | anonymous |
| file.pdf | D:20250716171346+00'00' |
| file.pdf | ReportLab PDF Library - www.reportlab.com |
| file.pdf | |
| file.pdf | D:20250716171346+00'00' |
| file.pdf | ReportLab PDF Library - www.reportlab.com |
| file.pdf | unspecified |
| file.pdf | untitled |
Artefacts
|
Name0 | Value |
|---|---|
| URLs in VB Code - #1 | http://ocert.org/advisories/ocert-2011-003.html |
| URLs in VB Code - #2 | https://www.unicode.org/Public/14.0.0/ucd/DerivedCoreProperties.txt |
| URLs in VB Code - #3 | https://www.python.org/download/releases/2.3/mro/ |
| URLs in VB Code - #1 | http://schemas.microsoft.com/windows/2004/02/mit/task |
87d5fbaa3cd647071c51df0e07443c6f (26.84 MB)
File Structure
87d5fbaa3cd647071c51df0e07443c6f
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.textbss
.text
.rdata
.data
.idata
.msvcjmc
.00cfg
.rsrc
.reloc
Resources
Malicious
RT_RCDATA
Malicious
ID:0065
Malicious
ID:1033
Malicious
[Authenticode]_dc9463d8.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
[Authenticode]_470bca30.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_fe5e330b.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_5ad19cbf.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ae9dc623.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
_multiprocessing.pyd
[Authenticode]_5100547e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_4e4ad4e1.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_8c55fa10.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ac739641.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_a642122a.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_34b4bca7.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_e0a43885.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_daacf6b0.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
file.pdf
[Authenticode]_d5d5b6aa.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.idata
.00cfg
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_b7239277.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.reloc
[Authenticode]_4f659275.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.idata
.00cfg
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
LICENSE.txt
[Authenticode]_949d9453.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
python.cat
[Authenticode]_0f61661e.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
[Authenticode]_872a2dec.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.rdata
.rsrc
Resources
RT_VERSION
ID:0001
ID:1033
python311._pth
[Authenticode]_64fd45cb.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
PyRuntim
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
abc.pyc
aifc.pyc
antigravity.pyc
argparse.pyc
ast.pyc
asynchat.pyc
asyncore.pyc
base64.pyc
bdb.pyc
bisect.pyc
bz2.pyc
calendar.pyc
cgi.pyc
cgitb.pyc
chunk.pyc
cmd.pyc
code.pyc
codecs.pyc
codeop.pyc
colorsys.pyc
compileall.pyc
configparser.pyc
contextlib.pyc
contextvars.pyc
copy.pyc
copyreg.pyc
cProfile.pyc
crypt.pyc
csv.pyc
dataclasses.pyc
datetime.pyc
decimal.pyc
difflib.pyc
dis.pyc
doctest.pyc
enum.pyc
filecmp.pyc
fileinput.pyc
fnmatch.pyc
fractions.pyc
ftplib.pyc
functools.pyc
genericpath.pyc
getopt.pyc
getpass.pyc
gettext.pyc
glob.pyc
graphlib.pyc
gzip.pyc
hashlib.pyc
heapq.pyc
hmac.pyc
imaplib.pyc
imghdr.pyc
imp.pyc
inspect.pyc
io.pyc
ipaddress.pyc
keyword.pyc
linecache.pyc
locale.pyc
lzma.pyc
mailbox.pyc
mailcap.pyc
mimetypes.pyc
modulefinder.pyc
netrc.pyc
nntplib.pyc
ntpath.pyc
nturl2path.pyc
numbers.pyc
opcode.pyc
operator.pyc
optparse.pyc
os.pyc
pathlib.pyc
pdb.pyc
pickle.pyc
pickletools.pyc
pipes.pyc
pkgutil.pyc
platform.pyc
plistlib.pyc
poplib.pyc
posixpath.pyc
pprint.pyc
profile.pyc
pstats.pyc
pty.pyc
pyclbr.pyc
pydoc.pyc
py_compile.pyc
queue.pyc
quopri.pyc
random.pyc
reprlib.pyc
rlcompleter.pyc
runpy.pyc
sched.pyc
secrets.pyc
selectors.pyc
shelve.pyc
shlex.pyc
shutil.pyc
signal.pyc
site.pyc
smtpd.pyc
smtplib.pyc
sndhdr.pyc
socket.pyc
socketserver.pyc
sre_compile.pyc
sre_constants.pyc
sre_parse.pyc
ssl.pyc
stat.pyc
statistics.pyc
string.pyc
stringprep.pyc
struct.pyc
subprocess.pyc
sunau.pyc
symtable.pyc
sysconfig.pyc
tabnanny.pyc
tarfile.pyc
telnetlib.pyc
tempfile.pyc
textwrap.pyc
this.pyc
threading.pyc
timeit.pyc
token.pyc
tokenize.pyc
trace.pyc
traceback.pyc
tracemalloc.pyc
tty.pyc
types.pyc
typing.pyc
uu.pyc
uuid.pyc
warnings.pyc
wave.pyc
weakref.pyc
webbrowser.pyc
xdrlib.pyc
zipapp.pyc
zipfile.pyc
zipimport.pyc
_aix_support.pyc
_bootsubprocess.pyc
_collections_abc.pyc
_compat_pickle.pyc
_compression.pyc
_markupbase.pyc
_osx_support.pyc
_pydecimal.pyc
_pyio.pyc
_py_abc.pyc
_sitebuiltins.pyc
_strptime.pyc
_threading_local.pyc
_weakrefset.pyc
__future__.pyc
__hello__.pyc
asyncio
base_events.pyc
base_futures.pyc
base_subprocess.pyc
base_tasks.pyc
constants.pyc
coroutines.pyc
events.pyc
exceptions.pyc
format_helpers.pyc
futures.pyc
locks.pyc
log.pyc
mixins.pyc
proactor_events.pyc
protocols.pyc
queues.pyc
runners.pyc
selector_events.pyc
sslproto.pyc
staggered.pyc
streams.pyc
subprocess.pyc
taskgroups.pyc
tasks.pyc
threads.pyc
timeouts.pyc
transports.pyc
trsock.pyc
unix_events.pyc
windows_events.pyc
windows_utils.pyc
__init__.pyc
__main__.pyc
collections
abc.pyc
__init__.pyc
concurrent
__init__.pyc
futures
ctypes
util.pyc
wintypes.pyc
_aix.pyc
_endian.pyc
__init__.pyc
macholib
dyld.pyc
dylib.pyc
fetch_macholib
fetch_macholib.bat
framework.pyc
README.ctypes
__init__.pyc
curses
ascii.pyc
has_key.pyc
panel.pyc
textpad.pyc
__init__.pyc
dbm
distutils
archive_util.pyc
bcppcompiler.pyc
ccompiler.pyc
cmd.pyc
config.pyc
core.pyc
cygwinccompiler.pyc
debug.pyc
dep_util.pyc
dir_util.pyc
dist.pyc
errors.pyc
extension.pyc
fancy_getopt.pyc
filelist.pyc
file_util.pyc
log.pyc
msvc9compiler.pyc
msvccompiler.pyc
README
spawn.pyc
sysconfig.pyc
text_file.pyc
unixccompiler.pyc
util.pyc
version.pyc
versionpredicate.pyc
_msvccompiler.pyc
__init__.pyc
command
bdist.pyc
bdist_dumb.pyc
bdist_rpm.pyc
build.pyc
build_clib.pyc
build_ext.pyc
build_py.pyc
build_scripts.pyc
check.pyc
clean.pyc
command_template
config.pyc
install.pyc
install_data.pyc
install_egg_info.pyc
install_headers.pyc
install_lib.pyc
install_scripts.pyc
register.pyc
sdist.pyc
upload.pyc
__init__.pyc
email
architecture.rst
base64mime.pyc
charset.pyc
contentmanager.pyc
encoders.pyc
errors.pyc
feedparser.pyc
generator.pyc
header.pyc
headerregistry.pyc
iterators.pyc
message.pyc
parser.pyc
policy.pyc
quoprimime.pyc
utils.pyc
_encoded_words.pyc
_header_value_parser.pyc
_parseaddr.pyc
_policybase.pyc
__init__.pyc
mime
application.pyc
audio.pyc
base.pyc
image.pyc
message.pyc
multipart.pyc
nonmultipart.pyc
text.pyc
__init__.pyc
encodings
aliases.pyc
ascii.pyc
base64_codec.pyc
big5.pyc
big5hkscs.pyc
bz2_codec.pyc
charmap.pyc
cp037.pyc
cp1006.pyc
cp1026.pyc
cp1125.pyc
cp1140.pyc
cp1250.pyc
cp1251.pyc
cp1252.pyc
cp1253.pyc
cp1254.pyc
cp1255.pyc
cp1256.pyc
cp1257.pyc
cp1258.pyc
cp273.pyc
cp424.pyc
cp437.pyc
cp500.pyc
cp720.pyc
cp737.pyc
cp775.pyc
cp850.pyc
cp852.pyc
cp855.pyc
cp856.pyc
cp857.pyc
cp858.pyc
cp860.pyc
cp861.pyc
cp862.pyc
cp863.pyc
cp864.pyc
cp865.pyc
cp866.pyc
cp869.pyc
cp874.pyc
cp875.pyc
cp932.pyc
cp949.pyc
cp950.pyc
euc_jisx0213.pyc
euc_jis_2004.pyc
euc_jp.pyc
euc_kr.pyc
gb18030.pyc
gb2312.pyc
gbk.pyc
hex_codec.pyc
hp_roman8.pyc
hz.pyc
idna.pyc
iso2022_jp.pyc
iso2022_jp_1.pyc
iso2022_jp_2.pyc
iso2022_jp_2004.pyc
iso2022_jp_3.pyc
iso2022_jp_ext.pyc
iso2022_kr.pyc
iso8859_1.pyc
iso8859_10.pyc
iso8859_11.pyc
iso8859_13.pyc
iso8859_14.pyc
iso8859_15.pyc
iso8859_16.pyc
iso8859_2.pyc
iso8859_3.pyc
iso8859_4.pyc
iso8859_5.pyc
iso8859_6.pyc
iso8859_7.pyc
iso8859_8.pyc
iso8859_9.pyc
johab.pyc
koi8_r.pyc
koi8_t.pyc
koi8_u.pyc
kz1048.pyc
latin_1.pyc
mac_arabic.pyc
mac_croatian.pyc
mac_cyrillic.pyc
mac_farsi.pyc
mac_greek.pyc
mac_iceland.pyc
mac_latin2.pyc
mac_roman.pyc
mac_romanian.pyc
mac_turkish.pyc
mbcs.pyc
oem.pyc
palmos.pyc
ptcp154.pyc
punycode.pyc
quopri_codec.pyc
raw_unicode_escape.pyc
rot_13.pyc
shift_jis.pyc
shift_jisx0213.pyc
shift_jis_2004.pyc
tis_620.pyc
undefined.pyc
unicode_escape.pyc
utf_16.pyc
utf_16_be.pyc
utf_16_le.pyc
utf_32.pyc
utf_32_be.pyc
utf_32_le.pyc
utf_7.pyc
utf_8.pyc
utf_8_sig.pyc
uu_codec.pyc
zlib_codec.pyc
__init__.pyc
html
http
client.pyc
cookiejar.pyc
server.pyc
__init__.pyc
importlib
abc.pyc
machinery.pyc
readers.pyc
simple.pyc
util.pyc
_abc.pyc
_bootstrap.pyc
_bootstrap_external.pyc
__init__.pyc
metadata
_adapters.pyc
_collections.pyc
_functools.pyc
_itertools.pyc
_meta.pyc
_text.pyc
__init__.pyc
resources
abc.pyc
readers.pyc
simple.pyc
_adapters.pyc
_common.pyc
_itertools.pyc
_legacy.pyc
__init__.pyc
json
decoder.pyc
encoder.pyc
scanner.pyc
tool.pyc
__init__.pyc
lib2to3
btm_matcher.pyc
btm_utils.pyc
fixer_base.pyc
fixer_util.pyc
Grammar3.11.9.final.0.pickle
Grammar.txt
main.pyc
patcomp.pyc
PatternGrammar3.11.9.final.0.pickle
PatternGrammar.txt
pygram.pyc
pytree.pyc
refactor.pyc
__init__.pyc
__main__.pyc
fixes
fix_apply.pyc
fix_asserts.pyc
fix_basestring.pyc
fix_buffer.pyc
fix_dict.pyc
fix_except.pyc
fix_exec.pyc
fix_execfile.pyc
fix_exitfunc.pyc
fix_filter.pyc
fix_funcattrs.pyc
fix_future.pyc
fix_getcwdu.pyc
fix_has_key.pyc
fix_idioms.pyc
fix_import.pyc
fix_imports.pyc
fix_imports2.pyc
fix_input.pyc
fix_intern.pyc
fix_isinstance.pyc
fix_itertools.pyc
fix_itertools_imports.pyc
fix_long.pyc
fix_map.pyc
fix_metaclass.pyc
fix_methodattrs.pyc
fix_ne.pyc
fix_next.pyc
fix_nonzero.pyc
fix_numliterals.pyc
fix_operator.pyc
fix_paren.pyc
fix_print.pyc
fix_raise.pyc
fix_raw_input.pyc
fix_reduce.pyc
fix_reload.pyc
fix_renames.pyc
fix_repr.pyc
fix_set_literal.pyc
fix_standarderror.pyc
fix_sys_exc.pyc
fix_throw.pyc
fix_tuple_params.pyc
fix_types.pyc
fix_unicode.pyc
fix_urllib.pyc
fix_ws_comma.pyc
fix_xrange.pyc
fix_xreadlines.pyc
fix_zip.pyc
__init__.pyc
pgen2
conv.pyc
driver.pyc
grammar.pyc
literals.pyc
parse.pyc
pgen.pyc
token.pyc
tokenize.pyc
__init__.pyc
logging
msilib
multiprocessing
connection.pyc
context.pyc
forkserver.pyc
heap.pyc
managers.pyc
pool.pyc
popen_fork.pyc
popen_forkserver.pyc
popen_spawn_posix.pyc
popen_spawn_win32.pyc
process.pyc
queues.pyc
reduction.pyc
resource_sharer.pyc
resource_tracker.pyc
sharedctypes.pyc
shared_memory.pyc
spawn.pyc
synchronize.pyc
util.pyc
__init__.pyc
dummy
connection.pyc
__init__.pyc
pydoc_data
re
_casefix.pyc
_compiler.pyc
_constants.pyc
_parser.pyc
__init__.pyc
site-packages
README.txt
sqlite3
tomllib
unittest
async_case.pyc
case.pyc
loader.pyc
main.pyc
mock.pyc
result.pyc
runner.pyc
signals.pyc
suite.pyc
util.pyc
_log.pyc
__init__.pyc
__main__.pyc
urllib
error.pyc
parse.pyc
request.pyc
response.pyc
robotparser.pyc
__init__.pyc
wsgiref
handlers.pyc
headers.pyc
simple_server.pyc
types.pyc
util.pyc
validate.pyc
__init__.pyc
xml
__init__.pyc
dom
domreg.pyc
expatbuilder.pyc
minicompat.pyc
minidom.pyc
NodeFilter.pyc
pulldom.pyc
xmlbuilder.pyc
__init__.pyc
etree
cElementTree.pyc
ElementInclude.pyc
ElementPath.pyc
ElementTree.pyc
__init__.pyc
parsers
expat.pyc
__init__.pyc
sax
expatreader.pyc
handler.pyc
saxutils.pyc
xmlreader.pyc
_exceptions.pyc
__init__.pyc
xmlrpc
zoneinfo
_common.pyc
_tzpath.pyc
_zoneinfo.pyc
__init__.pyc
__phello__
[Authenticode]_d1af6652.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_ICON
ID:0001
ID:1033
ID:1033-preview.png
ID:0002
ID:1033
ID:0003
ID:1033
ID:0004
ID:1033
ID:0005
ID:1033
ID:0006
ID:1033
ID:0007
ID:1033
ID:1033-preview.png
ID:0008
ID:1033
ID:0009
ID:1033
ID:000A
ID:1033
ID:000B
ID:1033
ID:000C
ID:1033
RT_GROUP_CURSOR4
ID:0001
ID:1033
RT_VERSION
ID:0001
ID:1033
run.py
[Authenticode]_e2fcc9e6.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_b00d8656.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_d877739c.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_1cb440e6.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.data
.idata
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_ae93b9bf.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
macOS
Malicious
Security.bin
[Authenticode]_3617576c.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_4d51ee45.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
[Authenticode]_29b30463.p7b
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rdata
.data
.rsrc
.reloc
Resources
RT_VERSION
ID:0001
ID:1033
RT_MANIFEST
ID:0002
ID:1033
Characteristics
No malware configuration were found at this point.
Artefacts
|
Name0 | Value | Location |
|---|---|---|
| URLs in VB Code - #1 | http://ocert.org/advisories/ocert-2011-003.html |
87d5fbaa3cd647071c51df0e07443c6f > Resources > RT_RCDATA > ID:0065 > ID:1033 > python311.zip > pydoc_data > topics.pyc |
| URLs in VB Code - #2 | https://www.unicode.org/Public/14.0.0/ucd/DerivedCoreProperties.txt |
87d5fbaa3cd647071c51df0e07443c6f > Resources > RT_RCDATA > ID:0065 > ID:1033 > python311.zip > pydoc_data > topics.pyc |
| URLs in VB Code - #3 | https://www.python.org/download/releases/2.3/mro/ |
87d5fbaa3cd647071c51df0e07443c6f > Resources > RT_RCDATA > ID:0065 > ID:1033 > python311.zip > pydoc_data > topics.pyc |
| URLs in VB Code - #1 | http://schemas.microsoft.com/windows/2004/02/mit/task |
87d5fbaa3cd647071c51df0e07443c6f > Resources > RT_RCDATA > ID:0065 > ID:1033 > macOS > run.py |
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.