Source: Chione.exe | Virustotal: Detection: 23% |
Source: Submitted Sample | Integrated Neural Analysis Model: Matched 83.1% probability |
Source: Chione.exe | Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF, TERMINAL_SERVER_AWARE |
Source: | Binary string: api-ms-win-crt-locale-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1682681007.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-crt-runtime-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1683129186.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32api.pdb source: Chione.exe, 00000001.00000002.2932250193.00007FFE0CFA3000.00000002.00000001.01000000.0000001E.sdmp |
Source: | Binary string: C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32api.pdb!! source: Chione.exe, 00000001.00000002.2932250193.00007FFE0CFA3000.00000002.00000001.01000000.0000001E.sdmp |
Source: | Binary string: api-ms-win-core-file-l1-2-0.pdb source: Chione.exe, 00000000.00000003.1680307464.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: ucrtbase.pdb source: Chione.exe, 00000001.00000002.2932135000.00007FFE01431000.00000002.00000001.01000000.00000004.sdmp |
Source: | Binary string: api-ms-win-core-memory-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1680904364.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-core-debug-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1680040179.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: compiler: cl /Zi /Fdossl_static.pdb /Gs0 /GF /Gy /MD /W3 /wd4090 /nologo /O2 -DL_ENDIAN -DOPENSSL_PIC source: Chione.exe, 00000001.00000002.2930418141.00007FFDFB3B1000.00000002.00000001.01000000.00000011.sdmp |
Source: | Binary string: api-ms-win-core-sysinfo-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1681840727.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-crt-filesystem-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1682453427.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32process.pdb source: Chione.exe, 00000001.00000002.2932726511.00007FFE0EB28000.00000002.00000001.01000000.0000001C.sdmp |
Source: | Binary string: ~/.pdbrc source: Chione.exe, 00000001.00000002.2927681140.0000016A2D48C000.00000004.00001000.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-crt-stdio-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1683201457.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: placed in the .pdbrc file): source: Chione.exe, 00000001.00000002.2925453016.0000016A2C853000.00000004.00000020.00020000.00000000.sdmp, Chione.exe, 00000001.00000002.2924522333.0000016A2BBEA000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdbGCTL source: Chione.exe, 00000000.00000003.1677094721.0000015738204000.00000004.00000020.00020000.00000000.sdmp, Chione.exe, 00000001.00000002.2934261899.00007FFE1A471000.00000002.00000001.01000000.00000006.sdmp |
Source: | Binary string: D:\a\1\b\bin\amd64\_tkinter.pdb source: Chione.exe, 00000000.00000003.1679389219.0000015738205000.00000004.00000020.00020000.00000000.sdmp, Chione.exe, 00000001.00000002.2932949233.00007FFE101D8000.00000002.00000001.01000000.00000015.sdmp |
Source: | Binary string: pdb.Pdb source: Chione.exe, 00000001.00000002.2927681140.0000016A2D48C000.00000004.00001000.00020000.00000000.sdmp |
Source: | Binary string: D:\a\1\b\bin\amd64\_multiprocessing.pdb source: Chione.exe, 00000000.00000003.1678283615.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: If a file ".pdbrc" exists in your home directory or in the current source: Chione.exe, 00000001.00000002.2925453016.0000016A2C853000.00000004.00000020.00020000.00000000.sdmp, Chione.exe, 00000001.00000002.2924522333.0000016A2BBEA000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-core-heap-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1680574128.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb source: Chione.exe, 00000000.00000003.1677292610.0000015738204000.00000004.00000020.00020000.00000000.sdmp, Chione.exe, 00000001.00000002.2933674081.00007FFE120C5000.00000002.00000001.01000000.0000001A.sdmp |
Source: | Binary string: api-ms-win-core-util-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1682013563.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-core-synch-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1681697469.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-crt-environment-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1682383118.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: D:\a\1\b\bin\amd64\_ctypes.pdb source: Chione.exe, 00000001.00000002.2934076301.00007FFE13320000.00000002.00000001.01000000.00000008.sdmp |
Source: | Binary string: D:\a\1\b\bin\amd64\_hashlib.pdb source: Chione.exe, 00000000.00000003.1678069764.0000015738205000.00000004.00000020.00020000.00000000.sdmp |
Source: | Binary string: api-ms-win-core-errorhandling-l1-1-0.pdb source: Chione.exe, 00000000.00000003.1680133821.0000015738205000.00000004.00000020.00020000.00000000.sdmp |