dbnetlib[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

dbnetlib.dll
Size

127KB
MD5

3a6a0314b817168b5f1e273a5c4a69d9
SHA1

fc7cad7c5835a831dca60eab730b2c8ec91db91a
SHA256

bc248065c32581d5a3d6baca2e142b3fb7adea2c2c072e722bccc0d7b81f8c46
SHA512

cf2c6d86647e530c79843d3f47c9898ca56809a6661094bc724d9b29f483fab0f4e413564e9588304c661cf0bdccce179cb6a68d0eb4f8314ef71eb4ba47dbf0
SSDEEP

1536:rEuRf3mMS3H8m8pFpCJdSC9OVOdFGszAa9ASwgBuaNr4DC+LmbYq54fyDemAvzDn:XlNJ/CJdSXOnfsuuO4P8cd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbnetlib.dll

Files

dbnetlib.dll
.dll windows:6 windows x64 arch:x64

e5393d072b8e174c307958911e5bba09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

DBnetlib.pdb

Imports

msvcrt

isdigit
strchr
strstr
_stricmp
malloc
getenv
free
wcsncpy_s
_ultow_s
_wcsicmp
_vsnprintf
memmove
_wcsupr
wcsstr
atoi
_strnicmp
toupper
_strupr
_strlwr
_XcptFilter
_amsg_exit
_initterm
__C_specific_handler
calloc
strtok_s
memcmp
memcpy
memset
strcmp

kernel32

GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
SetThreadErrorMode
CompareStringA
LocalAlloc
GetCurrentThreadId
GetModuleFileNameW
LoadLibraryExW
GetLastError
VirtualQuery
FreeLibrary
GetProcAddress
GetCurrentProcessId
GetSystemDirectoryW
GetFullPathNameW
SearchPathW
GetDriveTypeW
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
EncodePointer
GetVersionExA
GetComputerNameA
DecodePointer
GetTickCount64
MultiByteToWideChar
WideCharToMultiByte
SetHandleInformation

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
RegGetValueW
RegOpenKeyExA
UnregisterTraceGuids
RegisterTraceGuidsA
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ws2_32

getnameinfo
WSAStringToAddressA
freeaddrinfo
connect
socket
getaddrinfo
__WSAFDIsSet
ioctlsocket
htonl
htons
select
closesocket
send
recv
setsockopt
WSAGetLastError
WSASetLastError
WSAStartup
sendto

Exports

Exports

CloseEnumServers
ConnectionCheckForData
ConnectionClose
ConnectionError
ConnectionErrorW
ConnectionFlushCache
ConnectionGetSvrUser
ConnectionMode
ConnectionObjectSize
ConnectionOpen
ConnectionOpenW
ConnectionOption
ConnectionRead
ConnectionServerEnum
ConnectionServerEnumW
ConnectionSqlVer
ConnectionStatus
ConnectionTransact
ConnectionVer
ConnectionWrite
ConnectionWriteOOB
GenClientContext
GenClientContextEx
GetNextEnumeration
InitEnumServers
InitSSPIPackage
InitSession
InitSessionEx
TermSSPIPackage
TermSession
TermSessionEx

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdbid
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5393d072b8e174c307958911e5bba09

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 106KB

.data Size: 6KB - Virtual size: 6KB

.pdata Size: 3KB - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.sdbid Size: 4KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 106KB - Virtual size: 106KB

.data
Size: 6KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.sdbid
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB