ac547a079accbaaf8d630b3b0d0122b230c6bac0e4c626993e45bbbc9c2f52fc

Sharing

Copy URL Twitter E-mail

General

Target

ac547a079accbaaf8d630b3b0d0122b230c6bac0e4c626993e45bbbc9c2f52fc
Size

260KB
MD5

61d8379f5fa4d356bb4af4f58273255d
SHA1

77da12f9235689c71c99450300edacee85f7e23b
SHA256

ac547a079accbaaf8d630b3b0d0122b230c6bac0e4c626993e45bbbc9c2f52fc
SHA512

9716b861dc4407037f9348f1eb75c7b88986a732a2db01052b8c6e58945e03020fc5757663d27822f8e96cd93c1c68534b1214006cca2e5e037acbe86a0f5ab8
SSDEEP

6144:xFTAMTbIfE+t2XLATDYVLqTB3uZPXOMC:jTAMTbIfE+4k6qTJuZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac547a079accbaaf8d630b3b0d0122b230c6bac0e4c626993e45bbbc9c2f52fc

Files

ac547a079accbaaf8d630b3b0d0122b230c6bac0e4c626993e45bbbc9c2f52fc
.dll windows:6 windows x86 arch:x86

9e76e3f905d90ce27f4ff9b1fe2e4bbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

commondatasetbase

?CopyLen@StringHelper@common@@YA_NPADIPBDZZ
??1TimeStamp@common@@QAE@XZ
??0TimeStamp@common@@QAE@XZ
??1SystemException@common@@UAE@XZ
??0SystemException@common@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0SystemException@common@@QAE@ABV01@@Z
?AnsiToUtf8@StringHelper@common@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
??0RuntimeException@common@@QAE@ABV01@@Z
??0Exception@common@@QAE@ABV01@@Z
?GetInstance@BugChecker@common@@SAAAV12@XZ
?Throw@BugChecker@common@@QAEAAV12@XZ
?SetDumpMark@BugChecker@common@@QAEAAV12@_N@Z
?Assertion@BugChecker@common@@QAEAAV12@PBD00H@Z

sqlitedingli

sqlite3_column_int64
sqlite3_errmsg
sqlite3_bind_double
sqlite3_column_int
sqlite3_bind_blob
sqlite3_bind_int
sqlite3_exec
sqlite3_close
sqlite3_bind_int64
sqlite3_reset
sqlite3_bind_text
sqlite3_free
sqlite3_finalize
sqlite3_step
sqlite3_open_v2
sqlite3_prepare_v2

kernel32

DisableThreadLibraryCalls
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FileTimeToDosDateTime

msvcp110

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr110

memcpy
memcmp
floor
_libm_sse2_cos_precise
__CxxFrameHandler3
_CxxThrowException
__clean_type_info_names_internal
_except_handler4_common
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
memmove
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
memchr
realloc
_wremove
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
ceil
memset
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ

Exports

Exports

CreateOriginalDataFormater
CreateParamAndStructDBFileFormater
CreateParamAndStructDBFileReader
CreateRawDBFileFormater
FreeFileHandle
FreeParamAndStructDBFileFormaterHandle
FreeParamAndStructDBFileReaderHandle
FreeRawDBFileHandle

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e76e3f905d90ce27f4ff9b1fe2e4bbf

Headers

DLL Characteristics

File Characteristics

Imports

commondatasetbase

sqlitedingli

kernel32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 117KB - Virtual size: 117KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 117KB - Virtual size: 117KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 13KB - Virtual size: 12KB