2c422be8340260f6dd558c3af303a144c456f86bfde8c2bb5f84495052f7b8c1

Sharing

Copy URL Twitter E-mail

General

Target

2c422be8340260f6dd558c3af303a144c456f86bfde8c2bb5f84495052f7b8c1
Size

787KB
MD5

b424e6a5686a7ea03b749f9f7f806a9f
SHA1

d89413d46c1ef107ba176fedc22d834cc09a01d7
SHA256

2c422be8340260f6dd558c3af303a144c456f86bfde8c2bb5f84495052f7b8c1
SHA512

aa6d8169dcd968e72c73cf28ba75eac136972bf14c94008a1090ae9b63ba800eec3ed252fe8ae66ae5cd456bae7df827020bbd891835c89721ccf35f3413084e
SSDEEP

24576:qYjWhXXg63DckjImh92I1duAv2CkNSSqdV:+RXg++I1duAeNSr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c422be8340260f6dd558c3af303a144c456f86bfde8c2bb5f84495052f7b8c1

Files

2c422be8340260f6dd558c3af303a144c456f86bfde8c2bb5f84495052f7b8c1
.dll windows:6 windows x86 arch:x86

af8d934c2fc5834b544d7ba973465e50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\DCB\CBT_Main\BuildResults\bin\Release\sqlite.pdb

Imports

kernel32

FlushFileBuffers
GetTickCount
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
GetSystemInfo
CloseHandle
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetLastError
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
WaitForSingleObject
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
SetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
LoadLibraryA
LoadLibraryW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

memset
_except_handler4_common
__std_type_info_destroy_list
memcmp
memcpy
memmove

api-ms-win-crt-heap-l1-1-0

malloc
_msize
realloc
free

api-ms-win-crt-string-l1-1-0

strcmp
strncmp
strlen
strcspn

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_initterm
_configure_narrow_argv
_cexit
_seh_filter_dll
_execute_onexit_table
_beginthreadex
_endthreadex
_initterm_e

api-ms-win-crt-math-l1-1-0

_except1

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_text
sqlite3_column_type
sqlite3_commit_hook
sqlite3_complete
sqlite3_create_collation
sqlite3_create_function
sqlite3_data_count
sqlite3_db_handle
sqlite3_enable_load_extension
sqlite3_errcode
sqlite3_errmsg
sqlite3_errstr
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_mprintf
sqlite3_open
sqlite3_open_v2
sqlite3_prepare
sqlite3_prepare_v2
sqlite3_reset
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_value
sqlite3_set_auxdata
sqlite3_snprintf
sqlite3_step
sqlite3_temp_directory
sqlite3_total_changes
sqlite3_transfer_bindings
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_text
sqlite3_value_type
sqlite3_vmprintf

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 376KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af8d934c2fc5834b544d7ba973465e50

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 361KB - Virtual size: 361KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 376KB - Virtual size: 380KB

.text
Size: 361KB - Virtual size: 361KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 376KB - Virtual size: 380KB