933b8b039bca9c8be71e71fc8440cad0_JaffaCakes118[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

933b8b039bca9c8be71e71fc8440cad0_JaffaCakes118.exe
Size

1018KB
MD5

933b8b039bca9c8be71e71fc8440cad0
SHA1

fe9d699d7f612aa013bfa42b637b50d258e631c9
SHA256

010848c2bf2dbf816a6edfb08e4cba18d71ff250e0f184c1472960678950f1c0
SHA512

c2ec53c13ec7a84bc2abed096708d5f7201eb573296a718081935f59797e280e878cb0b73bd761459d4a57716d674d2dccbd451bbc4cb6b458e12d713ce246a1
SSDEEP

24576:eckbYAUfz2L+crMM03NJxqRoam0EtGIjK:ecDAA6L+cn65bK

Score

1^/10

Malware Config

Signatures

Files

933b8b039bca9c8be71e71fc8440cad0_JaffaCakes118.exe
.dll windows:6 windows x64 arch:x64

b9cc4479759f9f18de4b1921cd7b8d2f

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/05/2021, 00:00

Not After

21/08/2024, 23:59

Subject

CN=TAOBAO (CHINA) SOFTWARE CO.\,LTD.,O=TAOBAO (CHINA) SOFTWARE CO.\,LTD.,L=杭州市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

25/05/2021, 00:00

Not After

21/08/2024, 23:59

Subject

CN=TAOBAO (CHINA) SOFTWARE CO.\,LTD.,O=TAOBAO (CHINA) SOFTWARE CO.\,LTD.,L=杭州市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:d5:d7:be:38:dd:2a:11:d9:dc:a2:b6:70:2a:16:ab:49:f8:be:0d:d7:24:63:a0:b0:81:31:22:76:6f:aa:4f
Signer

Actual PE Digest

57:d5:d7:be:38:dd:2a:11:d9:dc:a2:b6:70:2a:16:ab:49:f8:be:0d:d7:24:63:a0:b0:81:31:22:76:6f:aa:4f

Digest Algorithm

sha256

PE Digest Matches

true

53:06:f1:ff:a0:bc:e4:8c:ea:e9:20:74:29:e8:74:fa:ba:c7:13:59
Signer

Actual PE Digest

53:06:f1:ff:a0:bc:e4:8c:ea:e9:20:74:29:e8:74:fa:ba:c7:13:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ci.xlite.build\build_64\Release\sqlite3.pdb

Imports

kernel32

FlushFileBuffers
GetTickCount
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
CloseHandle
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetLastError
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
WaitForSingleObject
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memcpy
memcmp
memset
memmove

api-ms-win-crt-string-l1-1-0

strcmp
strncmp
tolower
isdigit

api-ms-win-crt-heap-l1-1-0

free
_msize
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-convert-l1-1-0

atoi
_atoi64

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-math-l1-1-0

_dclass
log

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_beginthreadex
_endthreadex
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initterm
_cexit

Exports

Exports

deleteFts5AsyncInfo
sqlite3AbsInt32
sqlite3AddCheckConstraint
sqlite3AddCollateType
sqlite3AddColumn
sqlite3AddDefaultValue
sqlite3AddInt64
sqlite3AddNotNull
sqlite3AddPrimaryKey
sqlite3AffinityType
sqlite3AllocateIndexObject
sqlite3AlterBeginAddColumn
sqlite3AlterFinishAddColumn
sqlite3AlterFunctions
sqlite3AlterRenameTable
sqlite3AnalysisLoad
sqlite3Analyze
sqlite3ApiExit
sqlite3AppendChar
sqlite3ArrayAllocate
sqlite3AtoF
sqlite3Atoi
sqlite3Atoi64
sqlite3Attach
sqlite3AuthCheck
sqlite3AuthContextPop
sqlite3AuthContextPush
sqlite3AuthRead
sqlite3AuthReadCol
sqlite3AutoLoadExtensions
sqlite3AutoincrementBegin
sqlite3AutoincrementEnd
sqlite3BackupRestart
sqlite3BackupUpdate
sqlite3BeginBenignMalloc
sqlite3BeginTransaction
sqlite3BeginTrigger
sqlite3BeginWriteOperation
sqlite3BenignMallocHooks
sqlite3BinaryCompareCollSeq
sqlite3BitvecBuiltinTest
sqlite3BitvecClear
sqlite3BitvecCreate
sqlite3BitvecDestroy
sqlite3BitvecSet
sqlite3BitvecSize
sqlite3BitvecTest
sqlite3BitvecTestNotNull
sqlite3BtreeBeginStmt
sqlite3BtreeBeginTrans
sqlite3BtreeCheckpoint
sqlite3BtreeClearCursor
sqlite3BtreeClearTable
sqlite3BtreeClearTableOfCursor
sqlite3BtreeClose
sqlite3BtreeCloseCursor
sqlite3BtreeCommit
sqlite3BtreeCommitPhaseOne
sqlite3BtreeCommitPhaseTwo
sqlite3BtreeConnectionCount
sqlite3BtreeCopyFile
sqlite3BtreeCount
sqlite3BtreeCreateTable
sqlite3BtreeCursor
sqlite3BtreeCursorHasHint
sqlite3BtreeCursorHasMoved
sqlite3BtreeCursorHintFlags
sqlite3BtreeCursorRestore
sqlite3BtreeCursorSize
sqlite3BtreeCursorZero
sqlite3BtreeData
sqlite3BtreeDelete
sqlite3BtreeDropTable
sqlite3BtreeEnter
sqlite3BtreeEnterAll
sqlite3BtreeEnterCursor
sqlite3BtreeEof
sqlite3BtreeFirst
sqlite3BtreeGetAutoVacuum
sqlite3BtreeGetFilename
sqlite3BtreeGetJournalname
sqlite3BtreeGetMeta
sqlite3BtreeGetOptimalReserve
sqlite3BtreeGetPageSize
sqlite3BtreeGetReserveNoMutex
sqlite3BtreeIncrVacuum
sqlite3BtreeIncrblobCursor
sqlite3BtreeInsert
sqlite3BtreeIntegerKey
sqlite3BtreeIntegrityCheck
sqlite3BtreeIsInBackup
sqlite3BtreeIsInReadTrans
sqlite3BtreeIsInTrans
sqlite3BtreeIsReadonly
sqlite3BtreeKey
sqlite3BtreeLast
sqlite3BtreeLastPage
sqlite3BtreeLeave
sqlite3BtreeLeaveAll
sqlite3BtreeLeaveCursor
sqlite3BtreeLockTable
sqlite3BtreeMaxPageCount
sqlite3BtreeMovetoUnpacked
sqlite3BtreeNewDb
sqlite3BtreeNext
sqlite3BtreeOpen
sqlite3BtreePager
sqlite3BtreePayloadFetch
sqlite3BtreePayloadSize
sqlite3BtreePrevious
sqlite3BtreePutData
sqlite3BtreeRollback
sqlite3BtreeSavepoint
sqlite3BtreeSchema
sqlite3BtreeSchemaLocked
sqlite3BtreeSecureDelete
sqlite3BtreeSetAutoVacuum
sqlite3BtreeSetCacheSize
sqlite3BtreeSetMmapLimit
sqlite3BtreeSetPageSize
sqlite3BtreeSetPagerFlags
sqlite3BtreeSetSpillSize
sqlite3BtreeSetVersion
sqlite3BtreeSharable
sqlite3BtreeTripAllCursors
sqlite3BtreeUpdateMeta
sqlite3BuiltinFunctions
sqlite3CantopenError
sqlite3ChangeCookie
sqlite3CheckCollSeq
sqlite3CheckObjectName
sqlite3Checkpoint
sqlite3ClearTempRegCache
sqlite3CloseExtensions
sqlite3CloseSavepoints
sqlite3CodeDropTable
sqlite3CodeRowTrigger
sqlite3CodeRowTriggerDirect
sqlite3CodeSubselect
sqlite3CodeVerifyNamedSchema
sqlite3CodeVerifySchema
sqlite3CollapseDatabaseArray
sqlite3ColumnDefault
sqlite3ColumnOfIndex
sqlite3ColumnType
sqlite3ColumnsFromExprList
sqlite3CommitInternalChanges
sqlite3CommitTransaction
sqlite3CompareAffinity
sqlite3CompleteInsertion
sqlite3Config
sqlite3CorruptError
sqlite3CreateColumnExpr
sqlite3CreateForeignKey
sqlite3CreateFunc
sqlite3CreateIndex
sqlite3CreateView
sqlite3CtypeMap
sqlite3DbFree
sqlite3DbMallocRaw
sqlite3DbMallocRawNN
sqlite3DbMallocSize
sqlite3DbMallocZero
sqlite3DbNameToBtree
sqlite3DbRealloc
sqlite3DbReallocOrFree
sqlite3DbStrDup
sqlite3DbStrNDup
sqlite3DecOrHexToI64
sqlite3DefaultMutex
sqlite3DefaultRowEst
sqlite3DeferForeignKey
sqlite3DeleteColumnNames
sqlite3DeleteFrom
sqlite3DeleteIndexSamples
sqlite3DeleteTable
sqlite3DeleteTrigger
sqlite3DeleteTriggerStep
sqlite3Dequote
sqlite3Detach
sqlite3DropIndex
sqlite3DropTable
sqlite3DropTrigger
sqlite3DropTriggerPtr
sqlite3EndBenignMalloc
sqlite3EndTable
sqlite3ErrStr
sqlite3Error
sqlite3ErrorMsg
sqlite3ErrorWithMsg
sqlite3ExpirePreparedStatements
sqlite3Expr
sqlite3ExprAddCollateString
sqlite3ExprAddCollateToken
sqlite3ExprAffinity
sqlite3ExprAlloc
sqlite3ExprAnalyzeAggList
sqlite3ExprAnalyzeAggregates
sqlite3ExprAnd
sqlite3ExprAssignVarNumber
sqlite3ExprAttachSubtrees
sqlite3ExprCacheAffinityChange
sqlite3ExprCacheClear
sqlite3ExprCachePop
sqlite3ExprCachePush
sqlite3ExprCacheRemove
sqlite3ExprCacheStore
sqlite3ExprCanBeNull
sqlite3ExprCheckHeight
sqlite3ExprCheckIN
sqlite3ExprCode
sqlite3ExprCodeAndCache
sqlite3ExprCodeAtInit
sqlite3ExprCodeCopy
sqlite3ExprCodeExprList
sqlite3ExprCodeFactorable
sqlite3ExprCodeGetColumn
sqlite3ExprCodeGetColumnOfTable
sqlite3ExprCodeGetColumnToReg
sqlite3ExprCodeLoadIndexColumn
sqlite3ExprCodeMove
sqlite3ExprCodeTarget
sqlite3ExprCodeTemp
sqlite3ExprCollSeq
sqlite3ExprCompare
sqlite3ExprCoveredByIndex
sqlite3ExprDelete
sqlite3ExprDup
sqlite3ExprForVectorField
sqlite3ExprFunction
sqlite3ExprIfFalse
sqlite3ExprIfFalseDup
sqlite3ExprIfTrue
sqlite3ExprImpliesExpr
sqlite3ExprIsConstant
sqlite3ExprIsConstantNotJoin
sqlite3ExprIsConstantOrFunction
sqlite3ExprIsInteger
sqlite3ExprIsTableConstant
sqlite3ExprIsVector
sqlite3ExprListAppend
sqlite3ExprListAppendVector
sqlite3ExprListCheckLength
sqlite3ExprListCompare
sqlite3ExprListDelete
sqlite3ExprListDup
sqlite3ExprListFlags
sqlite3ExprListSetName
sqlite3ExprListSetSortOrder
sqlite3ExprListSetSpan
sqlite3ExprNeedsNoAffinityChange
sqlite3ExprSetHeightAndFlags
sqlite3ExprSkipCollate
sqlite3ExprVectorSize
sqlite3ExprWalkNoop
sqlite3FaultSim
sqlite3FindCollSeq
sqlite3FindDb
sqlite3FindDbName
sqlite3FindFunction
sqlite3FindInIndex
sqlite3FindIndex
sqlite3FindTable
sqlite3FinishCoding
sqlite3FinishTrigger
sqlite3FixExpr
sqlite3FixExprList
sqlite3FixInit
sqlite3FixSelect
sqlite3FixSrcList
sqlite3FixTriggerStep
sqlite3FkActions
sqlite3FkCheck
sqlite3FkDelete
sqlite3FkDropTable
sqlite3FkLocateIndex
sqlite3FkOldmask
sqlite3FkReferences
sqlite3FkRequired
sqlite3Fts5Init
sqlite3FunctionUsesThisSrc
sqlite3GenerateConstraintChecks
sqlite3GenerateIndexKey
sqlite3GenerateRowDelete
sqlite3GenerateRowIndexDelete
sqlite3Get4byte
sqlite3GetBoolean
sqlite3GetCollSeq
sqlite3GetInt32
sqlite3GetTempRange
sqlite3GetTempReg
sqlite3GetToken
sqlite3GetVTable
sqlite3GetVarint
sqlite3GetVarint32
sqlite3GetVdbe
sqlite3HaltConstraint
sqlite3HashClear
sqlite3HashFind
sqlite3HashInit
sqlite3HashInsert
sqlite3HeaderSizeBtree
sqlite3HeaderSizePcache
sqlite3HeaderSizePcache1
sqlite3HeapNearlyFull
sqlite3HexToBlob
sqlite3HexToInt
sqlite3IdListAppend
sqlite3IdListDelete
sqlite3IdListDup
sqlite3IdListIndex
sqlite3IndexAffinityOk
sqlite3IndexAffinityStr
sqlite3IndexedByLookup
sqlite3Init
sqlite3InitCallback
sqlite3Insert
sqlite3InsertBuiltinFuncs
sqlite3IntTokens
sqlite3InvalidFunction
sqlite3InvokeBusyHandler
sqlite3IsIdChar
sqlite3IsLikeFunction
sqlite3IsNaN
sqlite3IsReadOnly
sqlite3IsRowid
sqlite3JoinType
sqlite3JournalIsInMemory
sqlite3JournalModename
sqlite3JournalOpen
sqlite3JournalSize
sqlite3KeyInfoAlloc
sqlite3KeyInfoOfIndex
sqlite3KeyInfoRef
sqlite3KeyInfoUnref
sqlite3KeywordCode
sqlite3LeaveMutexAndCloseZombie
sqlite3LocateCollSeq
sqlite3LocateTable
sqlite3LocateTableItem
sqlite3LogEst
sqlite3LogEstAdd
sqlite3LogEstFromDouble
sqlite3MPrintf
sqlite3Malloc
sqlite3MallocEnd
sqlite3MallocInit
sqlite3MallocMutex
sqlite3MallocSize
sqlite3MallocZero
sqlite3MatchSpanName
sqlite3MaterializeView
sqlite3MayAbort
sqlite3MemCompare
sqlite3MemJournalOpen
sqlite3MemSetDefault
sqlite3MemoryBarrier
sqlite3MisuseError
sqlite3MulInt64
sqlite3MultiWrite
sqlite3MutexAlloc
sqlite3MutexEnd
sqlite3MutexInit
sqlite3NameFromToken
sqlite3NestedParse
sqlite3NoopMutex
sqlite3OomClear
sqlite3OomFault
sqlite3OpcodeName
sqlite3OpcodeProperty
sqlite3OpenMasterTable
sqlite3OpenTable
sqlite3OpenTableAndIndices
sqlite3OpenTempDatabase
sqlite3OsAccess
sqlite3OsCheckReservedLock
sqlite3OsClose
sqlite3OsCloseFree
sqlite3OsCurrentTimeInt64
sqlite3OsDelete
sqlite3OsDeviceCharacteristics
sqlite3OsDlClose
sqlite3OsDlError
sqlite3OsDlOpen
sqlite3OsDlSym
sqlite3OsFetch
sqlite3OsFileControl
sqlite3OsFileControlHint
sqlite3OsFileSize
sqlite3OsFullPathname
sqlite3OsGetLastError
sqlite3OsInit
sqlite3OsLock
sqlite3OsOpen
sqlite3OsOpenMalloc
sqlite3OsRandomness
sqlite3OsRead
sqlite3OsSectorSize
sqlite3OsShmBarrier
sqlite3OsShmLock
sqlite3OsShmMap
sqlite3OsShmUnmap
sqlite3OsSleep
sqlite3OsSync
sqlite3OsTruncate
sqlite3OsUnfetch
sqlite3OsUnlock
sqlite3OsWrite
sqlite3PCacheBufferSetup
sqlite3PCachePercentDirty
sqlite3PCacheSetDefault
sqlite3PExpr
sqlite3PExprAddSelect
sqlite3PageFree
sqlite3PageMalloc
sqlite3PagerAlignReserve
sqlite3PagerBackupPtr
sqlite3PagerBegin
sqlite3PagerCacheStat
sqlite3PagerCheckpoint
sqlite3PagerClearCache
sqlite3PagerClose
sqlite3PagerCloseWal
sqlite3PagerCodec
sqlite3PagerCommitPhaseOne
sqlite3PagerCommitPhaseTwo
sqlite3PagerDataVersion
sqlite3PagerDontWrite
sqlite3PagerExclusiveLock
sqlite3PagerFile
sqlite3PagerFilename
sqlite3PagerFlush
sqlite3PagerGet
sqlite3PagerGetCodec
sqlite3PagerGetData
sqlite3PagerGetExtra
sqlite3PagerGetJournalMode
sqlite3PagerIsMemdb
sqlite3PagerIsreadonly
sqlite3PagerJournalSizeLimit
sqlite3PagerJournalname
sqlite3PagerJrnlFile
sqlite3PagerLockingMode
sqlite3PagerLookup
sqlite3PagerMaxPageCount
sqlite3PagerMemUsed
sqlite3PagerMovepage
sqlite3PagerOkToChangeJournalMode
sqlite3PagerOpen
sqlite3PagerOpenSavepoint
sqlite3PagerOpenWal
sqlite3PagerPageRefcount
sqlite3PagerPagecount
sqlite3PagerReadFileheader
sqlite3PagerRef
sqlite3PagerRekey
sqlite3PagerRollback
sqlite3PagerSavepoint
sqlite3PagerSetBusyhandler
sqlite3PagerSetCachesize
sqlite3PagerSetCodec
sqlite3PagerSetFlags
sqlite3PagerSetJournalMode
sqlite3PagerSetMmapLimit
sqlite3PagerSetPagesize
sqlite3PagerSetSpillsize
sqlite3PagerSharedLock
sqlite3PagerShrink
sqlite3PagerState
sqlite3PagerSync
sqlite3PagerTempSpace
sqlite3PagerTruncateImage
sqlite3PagerUnref
sqlite3PagerUnrefNotNull
sqlite3PagerUseWal
sqlite3PagerVfs
sqlite3PagerWalCallback
sqlite3PagerWalSupported
sqlite3PagerWrite
sqlite3ParseUri
sqlite3Parser
sqlite3ParserAlloc
sqlite3ParserFree
sqlite3ParserReset
sqlite3Pcache1Mutex
sqlite3PcacheCleanAll
sqlite3PcacheClear
sqlite3PcacheClearSyncFlags
sqlite3PcacheClearWritable
sqlite3PcacheClose
sqlite3PcacheDirtyList
sqlite3PcacheDrop
sqlite3PcacheFetch
sqlite3PcacheFetchFinish
sqlite3PcacheFetchStress
sqlite3PcacheInitialize
sqlite3PcacheMakeClean
sqlite3PcacheMakeDirty
sqlite3PcacheMove
sqlite3PcacheOpen

Sections

.text
Size: 564KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9cc4479759f9f18de4b1921cd7b8d2f

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

57:d5:d7:be:38:dd:2a:11:d9:dc:a2:b6:70:2a:16:ab:49:f8:be:0d:d7:24:63:a0:b0:81:31:22:76:6f:aa:4fSigner

53:06:f1:ff:a0:bc:e4:8c:ea:e9:20:74:29:e8:74:fa:ba:c7:13:59Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 564KB - Virtual size: 564KB

.rdata Size: 185KB - Virtual size: 185KB

.data Size: 172KB - Virtual size: 174KB

.pdata Size: 39KB - Virtual size: 38KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 43KB - Virtual size: 43KB

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

02:fd:d8:26:61:a7:0c:76:59:ca:e2:24:bb:57:92:45
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

57:d5:d7:be:38:dd:2a:11:d9:dc:a2:b6:70:2a:16:ab:49:f8:be:0d:d7:24:63:a0:b0:81:31:22:76:6f:aa:4f
Signer

53:06:f1:ff:a0:bc:e4:8c:ea:e9:20:74:29:e8:74:fa:ba:c7:13:59
Signer

.text
Size: 564KB - Virtual size: 564KB

.rdata
Size: 185KB - Virtual size: 185KB

.data
Size: 172KB - Virtual size: 174KB

.pdata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 43KB - Virtual size: 43KB