lib_mysqludf_sys_32[.]dll

General

Target

lib_mysqludf_sys_32.dll
Size

5KB
MD5

e24dbf9e5542b3c695785da6e73a7975
SHA1

fc4a7ef933030f5ef05fa0d22b19bf5e1ae23062
SHA256

2ec9759813901121d3cf74b9fba37f5413f965ed6e8c7cc1ba2f7a5b802ffc49
SHA512

0bb35d37c78a2ea80da6a671cbe5db062d2c055e6e8b56e5e7bd49e9bad0fe9218f40358fb87c13dce2db4fb35077cdab88ae5f205865d9f6752edd775d92c4f
SSDEEP

96:NTd9QafbXezVNHdGkf2jJ9s6OGZMBxtx51MLa6HlEbizGTw2rejUkZPNRv:NTdiYbOzJGh7VxZMBxtrbcIiKTw2ajUK

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Device/HarddiskVolume3/$Recycle.Bin/S-1-5-21-1159581898-2029943322-2268025737-2727/$RNC412D/embedded/framework/data/exploits/mysql/lib_mysqludf_sys_32.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Device/HarddiskVolume3/$Recycle.Bin/S-1-5-21-1159581898-2029943322-2268025737-2727/$RNC412D/embedded/framework/data/exploits/mysql/lib_mysqludf_sys_32.dll	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume3/$Recycle.Bin/S-1-5-21-1159581898-2029943322-2268025737-2727/$RNC412D/embedded/framework/data/exploits/mysql/lib_mysqludf_sys_32.dll
unpack002/out.upx

Files

lib_mysqludf_sys_32.dll
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume3/$Recycle.Bin/S-1-5-21-1159581898-2029943322-2268025737-2727/$RNC412D/embedded/framework/data/exploits/mysql/lib_mysqludf_sys_32.dll
.dll windows x86

Password: S@ndb0x!2023@@

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

lib_mysqludf_sys_info
lib_mysqludf_sys_info_deinit
lib_mysqludf_sys_info_init
sys_bineval
sys_bineval_deinit
sys_bineval_init
sys_eval
sys_eval_deinit
sys_eval_init
sys_exec
sys_exec_deinit
sys_exec_init
sys_get
sys_get_deinit
sys_get_init
sys_set
sys_set_deinit
sys_set_init

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: S@ndb0x!2023@@

Password: S@ndb0x!2023@@

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 864B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 428B

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 864B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 428B