StateRepository[.]Core[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

StateRepository.Core.dll
Size

516KB
MD5

300925d0606efec3243107c711420a1c
SHA1

48924a7d3a0344e3683c61ba1c6d4e991a2986d7
SHA256

a6298114977eea501bfa92863d74ac2a1cd0c960725fd3c43c60d1060316df76
SHA512

f4d8d04c291b3824125d05e825ab77195c6d39c70aecdd8a048666f48de1311d7bba668a226b5c877f2f525d3d7bd983449fa97b5a36992a5c197a1560fedaa8
SSDEEP

12288:Q5rmhXCemlGfBPIcYYW+OgKfqGUNTFX3X4UV8CS6N:lhXCe6GfBwclW5gKfqGUNTFX4UV8CSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
StateRepository.Core.dll

Files

StateRepository.Core.dll
.dll windows:10 windows x86 arch:x86

6cec079e9ebb6e44dbd4829c6e8a501a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

staterepository.core.pdb

Imports

msvcrt

realloc
_beginthreadex
_msize
strncmp
_endthreadex
free
_except_handler4_common
memmove
_initterm
_amsg_exit
_XcptFilter
malloc
_ftol2
_ftol2_sse
memcmp
memcpy
memset

api-ms-win-core-file-l1-2-2

AreFileApisANSI
GetTempPathA

api-ms-win-core-file-l1-2-1

GetFileSize
FlushFileBuffers
UnlockFile
DeleteFileW
CreateFileA
GetFileAttributesExW
GetFileAttributesA
LockFileEx
GetDiskFreeSpaceA
GetFileAttributesW
ReadFile
CreateFileW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
DeleteFileA
LockFile
GetFullPathNameA
SetFilePointer

api-ms-win-core-synch-l1-2-0

Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
CreateMutexW
WaitForSingleObjectEx
WaitForSingleObject

api-ms-win-core-heap-l1-2-0

HeapDestroy
HeapCompact
GetProcessHeap
HeapAlloc
HeapCreate
HeapFree
HeapValidate
HeapSize
HeapReAlloc

api-ms-win-core-debug-l1-1-1

OutputDebugStringW
OutputDebugStringA

api-ms-win-core-processthreads-l1-1-2

TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-memory-l1-1-2

UnmapViewOfFile
MapViewOfFile
FlushViewOfFile
CreateFileMappingW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-localization-l1-2-1

FormatMessageW
FormatMessageA

api-ms-win-core-errorhandling-l1-1-1

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-core-libraryloader-l1-2-2

LoadLibraryA
LoadLibraryW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-2-1

GetSystemTime
GetSystemTimeAsFileTime
GetSystemInfo
GetTickCount

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
FreeLibrary

api-ms-win-core-kernel32-legacy-l1-1-1

CreateFileMappingA

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_errstr
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_strglob
sqlite3_stricmp
sqlite3_strnicmp
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_free
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_config
sqlite3_vtab_on_conflict
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_set_directory
sqlite3_win32_sleep
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_write_debug

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cec079e9ebb6e44dbd4829c6e8a501a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-file-l1-2-2

api-ms-win-core-file-l1-2-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-heap-l1-2-0

api-ms-win-core-debug-l1-1-1

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-memory-l1-1-2

api-ms-win-core-string-l1-1-0

api-ms-win-core-localization-l1-2-1

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-libraryloader-l1-2-2

api-ms-win-core-handle-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-kernel32-legacy-l1-1-1

api-ms-win-core-heap-l2-1-0

api-ms-win-core-timezone-l1-1-0

api-ms-win-core-profile-l1-1-0

Exports

Exports

Sections

.text Size: 493KB - Virtual size: 492KB

.data Size: 4KB - Virtual size: 6KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 493KB - Virtual size: 492KB

.data
Size: 4KB - Virtual size: 6KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB