Source: Ao8sixO8Om.exe | Virustotal: Detection: 22% |
Source: Ao8sixO8Om.exe | ReversingLabs: Detection: 13% |
Source: Submitted Sample | Integrated Neural Analysis Model: Matched 100.0% probability |
Source: C:\Users\user\Desktop\Ao8sixO8Om.exe | Code function: 2_2_00007FFBAB785360 BCryptGenRandom,SystemFunction036,PyBytes_FromStringAndSize,PyBytes_AsString,memset,memcpy,memcpy,HeapFree,HeapFree, | 2_2_00007FFBAB785360 |
Source: C:\Users\user\Desktop\Ao8sixO8Om.exe | Code function: 2_2_00007FFBBB4018E0 _Py_NoneStruct,_PyArg_UnpackKeywords,PyObject_GetBuffer,PyBuffer_IsContiguous,PyObject_GetBuffer,PyBuffer_IsContiguous,PyLong_AsUnsignedLong,PyLong_AsUnsignedLong,PyLong_AsUnsignedLong,EVP_PBE_scrypt,PyBytes_FromStringAndSize,PyEval_SaveThread,EVP_PBE_scrypt,PyEval_RestoreThread,PyExc_ValueError,PyErr_SetString,PyBuffer_Release,PyBuffer_Release,PyLong_AsLong,PyErr_Occurred,PyLong_AsLong,PyErr_Occurred,PyExc_ValueError,PyExc_ValueError,PyErr_Format,_PyArg_BadArgument,_PyArg_BadArgument,_PyArg_BadArgument,PyExc_TypeError,PyErr_Occurred,PyExc_TypeError,PyErr_Occurred,PyExc_TypeError,PyErr_Occurred,PyExc_TypeError,_PyArg_BadArgument,_PyArg_BadArgument,PyExc_OverflowError,PyExc_OverflowError,_Py_Dealloc,PyExc_ValueError, | 2_2_00007FFBBB4018E0 |
Source: C:\Users\user\Desktop\Ao8sixO8Om.exe | Code function: 2_2_00007FFBBB406244 CRYPTO_memcmp, | 2_2_00007FFBBB406244 |
Source: Ao8sixO8Om.exe | Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE |
Source: | Binary string: D:\a\1\b\bin\amd64\python312.pdb source: Ao8sixO8Om.exe, 00000002.00000002.1561560582.00007FFBAB024000.00000002.00000001.01000000.00000004.sdmp |
Source: | Binary string: D:\a\1\b\bin\amd64\unicodedata.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1466669781.000001BC346B4000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000000.00000003.1572334144.000001BC346C0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1565650695.00007FFBAB70F000.00000002.00000001.01000000.00000013.sdmp |
Source: | Binary string: D:\a\1\b\libcrypto-3.pdb| source: Ao8sixO8Om.exe, 00000002.00000002.1558643243.00007FFBAAB61000.00000002.00000001.01000000.0000000C.sdmp, libcrypto-3.dll.0.dr |
Source: | Binary string: cryptography_rust.pdbc source: Ao8sixO8Om.exe, 00000002.00000002.1557712622.00007FFBA9677000.00000002.00000001.01000000.0000000D.sdmp, _rust.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_decimal.pdb source: _decimal.pyd.0.dr |
Source: | Binary string: bcrypt_rust.pdbB source: Ao8sixO8Om.exe, 00000002.00000002.1566961770.00007FFBAB7B5000.00000002.00000001.01000000.0000000F.sdmp, _bcrypt.pyd.0.dr |
Source: | Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1453550376.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1569127736.00007FFBC3523000.00000002.00000001.01000000.00000005.sdmp, VCRUNTIME140.dll.0.dr |
Source: | Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" source: Ao8sixO8Om.exe, 00000002.00000002.1558643243.00007FFBAAAC9000.00000002.00000001.01000000.0000000C.sdmp, libcrypto-3.dll.0.dr |
Source: | Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: Ao8sixO8Om.exe, 00000000.00000003.1453550376.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1569127736.00007FFBC3523000.00000002.00000001.01000000.00000005.sdmp, VCRUNTIME140.dll.0.dr |
Source: | Binary string: D:\a\1\b\libcrypto-3.pdb source: Ao8sixO8Om.exe, 00000002.00000002.1558643243.00007FFBAAB61000.00000002.00000001.01000000.0000000C.sdmp, libcrypto-3.dll.0.dr |
Source: | Binary string: params.pparams.qparams.gpub_keypriv_keyossl_ec_group_new_excrypto\ec\ec_lib.cEC_GROUP_copyEC_GROUP_set_generatorEC_GROUP_set_curveEC_GROUP_get_curveEC_GROUP_get_degreeEC_GROUP_check_discriminantEC_POINT_newEC_POINT_copyEC_POINT_set_to_infinityEC_POINT_set_Jprojective_coordinates_GFpEC_POINT_set_affine_coordinatesEC_POINT_get_affine_coordinatesEC_POINT_addEC_POINT_dblEC_POINT_invertEC_POINT_is_at_infinityEC_POINT_is_on_curveEC_POINT_cmpEC_POINT_mulEC_GROUP_get_trinomial_basisEC_GROUP_get_pentanomial_basisgroup_new_from_nameossl_ec_group_set_paramsencodingdecoded-from-explicitEC_GROUP_new_from_paramsgeneratorcompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG"3.4.0built on: Wed Nov 27 17:13:13 2024 UTCplatform: VC-WIN64AOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-3"MODULESDIR: "C:\Program Files\OpenSSL\lib\ossl-modules"CPUINFO: N/AOSSL_WINCTX: Undefinednot availablecrypto\init.cOPENSSL_init_cryptocrypto\bio\bio_lib.cBIO_new_exbio_read_internbio_write_internBIO_sendmmsgBIO_recvmmsgBIO_putsBIO_getsBIO_get_line BIO_ctrlBIO_callback_ctrlBIO_find_type source: Ao8sixO8Om.exe, 00000002.00000002.1557712622.00007FFBA9677000.00000002.00000001.01000000.0000000D.sdmp, _rust.pyd.0.dr |
Source: | Binary string: compiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG" source: Ao8sixO8Om.exe, 00000002.00000002.1557712622.00007FFBA9677000.00000002.00000001.01000000.0000000D.sdmp, _rust.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\select.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1465792285.000001BC346B4000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1568363245.00007FFBBC703000.00000002.00000001.01000000.0000000A.sdmp, select.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_ctypes.pdb source: Ao8sixO8Om.exe, 00000002.00000002.1568859851.00007FFBC3461000.00000002.00000001.01000000.00000007.sdmp, _ctypes.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1454680272.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1567915558.00007FFBBB407000.00000002.00000001.01000000.0000000B.sdmp, _hashlib.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_decimal.pdb$$ source: _decimal.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_lzma.pdbNN source: Ao8sixO8Om.exe, 00000000.00000003.1454858937.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1567430600.00007FFBB189C000.00000002.00000001.01000000.00000012.sdmp, _lzma.pyd.0.dr |
Source: | Binary string: ossl_ec_GFp_simple_group_set_curvecrypto\ec\ecp_smpl.cossl_ec_GFp_simple_group_check_discriminantossl_ec_GFp_simple_point_set_affine_coordinatesossl_ec_GFp_simple_point_get_affine_coordinatesossl_ec_GFp_simple_make_affineossl_ec_GFp_simple_points_make_affineossl_ec_GFp_simple_field_invossl_ec_GFp_simple_blind_coordinatescompiler: cl /Zi /Fdossl_static.pdb /MT /Zl /Gs0 /GF /Gy /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG";CPUINFO: OPENSSL_ia32cap=0x%llx:0x%llxOPENSSL_ia32cap env:%sos-specific.dllCPUINFO: crypto\initthread.cOPENSSL_ia32cap source: Ao8sixO8Om.exe, 00000002.00000002.1557712622.00007FFBA9677000.00000002.00000001.01000000.0000000D.sdmp, _rust.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_lzma.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1454858937.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1567430600.00007FFBB189C000.00000002.00000001.01000000.00000012.sdmp, _lzma.pyd.0.dr |
Source: | Binary string: D:\a\1\b\bin\amd64\_bz2.pdb source: Ao8sixO8Om.exe, 00000000.00000003.1453740195.000001BC346B0000.00000004.00000020.00020000.00000000.sdmp, Ao8sixO8Om.exe, 00000002.00000002.1567692183.00007FFBB4C4D000.00000002.00000001.01000000.00000011.sdmp, _bz2.pyd.0.dr |
Source: | Binary string: bcrypt_rust.pdb source: Ao8sixO8Om.exe, 00000002.00000002.1566961770.00007FFBAB7B5000.00000002.00000001.01000000.0000000F.sdmp, _bcrypt.pyd.0.dr |
Source: | Binary string: @ compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG"OpenSSL 3.0.13 30 Jan 20243.0.13built on: Mon Feb 5 17:39:09 2024 UTCplatform: VC-WIN64A-masmOPENSSLDIR: "C:\Program Files\Common Files\SSL"ENGINESDIR: "C:\Program Files\OpenSSL\lib\engines-3"MODULESDIR: "C:\Program Files\OpenSSL\lib\ossl-modules"CPUINFO: N/Anot availableget_and_lock..\s\crypto\ex_data.cossl_crypto_get_ex_new_index_exossl_crypto_new_ex_data_exCRYPTO_dup_ex_dataCRYPTO_set_ex_dataOPENSSL_WIN32_UTF8..\s\crypto\getenv.ccompiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC -D"OPENSSL_BUILDING_OPENSSL" -D"OPENSSL_SYS_WIN32" -D"WIN32_LEAN_AND_MEAN" -D"UNICODE" -D"_UNICODE" -D"_CRT_SECURE_NO_DEPRECATE" -D"_WINSOCK_DEPRECATED_NO_WARNINGS" -D"NDEBUG";CPUINFO: OPENSSL_ia32cap=0x%llx:0x%llxOPENSSL_ia32cap env:%sos-specificC:\Program Files\Common Files\SSLC:\Program Files\OpenSSL\lib\ossl-modules.dllCPUINFO: ..\s\crypto\init.cOPENSSL_init_cryptoOPENSSL_atexit..\s\crypto\initthread.c..\s\crypto\mem_sec.cassertion failed: (bit & 1) == 0assertion failed: list >= 0 && list < sh.freelist_sizeassertion failed: ((ptr - sh.arena) & ((sh.arena_size >> list) - 1)) == 0assertion failed: bit > 0 && bit < sh.bittable_sizeassertion failed: TESTBIT(table, bit)assertion failed: !TESTBIT(table, bit)assertion failed: WITHIN_FREELIST(list)assertion failed: WITHIN_ARENA(ptr)assertion failed: temp->next == NULL || WITHIN_ARENA(temp->next)assertion failed: (char **)temp->next->p_next == listassertion failed: WITHIN_FREELIST(temp2->p_next) || WITHIN_ARENA(temp2->p_next)assertion failed: size > 0assertion failed: (size & (size - 1)) == 0assertion failed: (minsize & (minsize - 1)) == 0assertion failed: sh.freelist != NULLassertion failed: 
sh.bittable != NULLassertion failed: sh.bitmalloc != NULLassertion failed: !sh_testbit(temp, slist, sh.bitmalloc)assertion failed: temp != sh.freelist[slist]assertion failed: sh.freelist[slist] == tempassertion failed: temp-(sh.arena_size >> slist) == sh_find_my_buddy(temp, slist)assertion failed: sh_testbit(chunk, list, sh.bittable)assertion failed: WITHIN_ARENA(chunk)assertion failed: sh_testbit(ptr, list, sh.bittable)assertion failed: ptr == sh_find_my_buddy(buddy, list)assertion failed |