SQLite3[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SQLite3.dll
Size

402KB
MD5

dc52b780658daeee823e03a5cc99c110
SHA1

7d90503313d0355a3c0c0902102a4d6e5bd42f12
SHA256

3e48947ef19790a4b12228a269d54d55705ffa3c783db8e0d4c52da5fda8db7c
SHA512

41810f7fcfe016c744062f11dec5e93295a2396a981b69cba846e7656c906d7251be94aa2e2f004c1051e76c86cd28e080778656b5d7f30cafb5da7895fe9c43
SSDEEP

6144:lXJj84yaQPacyEfXyVUcEgpoaQmnzp2KWSj8QqiBaxWfMFjWvSdwt:lF8dacnyYyVdxzaHYfMFFdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SQLite3.dll

Files

SQLite3.dll
.dll windows:5 windows x86 arch:x86

af5a281101118ec5083f0d2ff6f74d85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Projects\requirements_sources\SQLite\amalgamation\SQLite3\Release\SQLite3.pdb

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
FreeLibrary
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
GetVersionExW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetProcAddress
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
GetDiskFreeSpaceA
DeleteCriticalSection
GetCurrentThreadId
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedExchange

msvcr90

_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
realloc
atoi
_localtime64_s
malloc
free
strncmp
memmove
memcpy
memset

Sections

.text
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af5a281101118ec5083f0d2ff6f74d85

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr90

Sections

.text Size: 357KB - Virtual size: 357KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 692B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 357KB - Virtual size: 357KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 692B

.reloc
Size: 9KB - Virtual size: 9KB