plsqldoc[.]zip

Resubmissions

11/06/2024, 11:08

240611-m8wbmavbpf 8

11/06/2024, 11:06

240611-m7n6xsvfjq 8

Sharing

Copy URL

Twitter E-mail

General

Target

plsqldoc.zip
Size

8.8MB
MD5

dcc36793ac1493f750631e606ba0ab63
SHA1

2ed30a2f0513bfdc04652194d8ef837383c05fac
SHA256

61e81c4bab7c086d4380e4629348f70714324d720df45da49a90460b6ca1e5ae
SHA512

9aa206c2c5f2e935f0e87f11b98b6259541957465c4d11b3824e209b8062a38b9a25c4f88cafa0a942b853a891993e86ebd4cdf9cf84bbec46cd14d648f65af1
SSDEEP

196608:+mete7YYZhUhtNo1FG/Xbqm7HfI2MN/FzT0AtyCoc5t7KqKw:we9chtN9Lt7HgjN/F8jc5Bn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/plsqldoc/APEX_IOFXCHECKED_x86.exe

Files

plsqldoc.zip
.zip
plsqldoc/APEX_IOFXCHECKED_x86.exe
.exe windows:5 windows x86 arch:x86

2bc23e92f1f371568ab687366f466bbe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\APEX_IOFXCHECKED_x86\APEX_IOFXCHECKED_x86\Release\APEX_IOFXCHECKED_x86.pdb

Imports

kernel32

GetFileAttributesExW
GetFileSizeEx
GetFileTime
GetTempFileNameW
GetTempPathW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetNumberFormatW
GetUserDefaultLCID
ReplaceFileW
GetDiskFreeSpaceW
FindResourceExW
LocalUnlock
LocalLock
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapFree
HeapSetInformation
GetStartupInfoW
HeapAlloc
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
HeapQueryInformation
HeapReAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
FatalAppExitA
SetConsoleCtrlHandler
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
SetEnvironmentVariableA
InterlockedCompareExchange
SystemTimeToFileTime
FileTimeToSystemTime
lstrlenA
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFileTime
WriteFile
ReadFile
MoveFileW
CreateFileW
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetAtomNameW
GlobalGetAtomNameW
FreeResource
GlobalFindAtomW
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetVersionExW
lstrcpyW
DeleteFileW
InterlockedIncrement
CopyFileW
GlobalSize
FormatMessageW
CompareStringW
GlobalFlags
MulDiv
GetCurrentDirectoryW
CreateEventW
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
SetErrorMode
lstrlenW
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameW
GetLocaleInfoW
CompareStringA
ActivateActCtx
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GlobalLock
lstrcmpW
GlobalAlloc
InterlockedExchange
FreeLibrary
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetFilePointer
SetFileAttributesW
ExitProcess
Sleep
OutputDebugStringA
GetCommandLineW
GetModuleHandleW
VirtualProtect
GetProcAddress
LoadLibraryA
GetFileAttributesW
VirtualAlloc

ole32

StgCreateDocfileOnILockBytes
OleSave
WriteClassStm
OleSaveToStream
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreate
OleLoad
GetHGlobalFromILockBytes
OleSetContainedObject
OleCreateFromFile
OleCreateLinkToFile
OleGetIconOfClass
CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
OleRegGetMiscStatus
OleRun
OleGetClipboard
PropVariantCopy
CoTaskMemAlloc
RevokeDragDrop
OleQueryCreateFromData
OleQueryLinkFromData
OleIsRunning
GetRunningObjectTable
CoGetMalloc
CreateOleAdviseHolder
CreateDataAdviseHolder
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
SetConvertStg
ReleaseStgMedium
CreateBindCtx
CoInitializeEx
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CreateStreamOnHGlobal
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoCreateInstance
OleDuplicateData
CoTreatAsClass
RegisterDragDrop
StringFromCLSID
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateGuid
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
CoLockObjectExternal
WriteFmtUserTypeStg

msimg32

TransparentBlt
AlphaBlend

comctl32

ImageList_GetImageCount
ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx

shlwapi

PathIsUNCW
PathStripToRootW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

gdiplus

GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

user32

LoadImageW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
InSendMessage
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
SendNotifyMessageW
FrameRect
GetUpdateRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetMenuDefaultItem
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetIconInfo
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
InvertRect
HideCaret
GetNextDlgGroupItem
MapDialogRect
DrawIcon
DestroyCursor
WindowFromDC
GetWindowRgn
GetDialogBaseUnits
EnumChildWindows
GetDCEx
GetTabbedTextExtentW
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
IsIconic
IsRectEmpty
IntersectRect
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
InsertMenuItemW
GetMessagePos
MonitorFromWindow
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetSysColorBrush
GetClassInfoW
DefWindowProcW
MapWindowPoints
GetClientRect
LoadCursorW
SetLayeredWindowAttributes
GetSystemMetrics
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
KillTimer
SetTimer
InvalidateRect
UpdateWindow
GetMenuStringW
AppendMenuW
GetMenuItemID
GetSubMenu
RemoveMenu
GetDesktopWindow
RealChildWindowFromPoint
GetWindow
GetDlgCtrlID
GetWindowRect
GetWindowLongW
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
InsertMenuW
GetMenuItemCount
DeleteMenu
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
TranslateAcceleratorW
DestroyIcon
LockWindowUpdate
BringWindowToTop
SetCursorPos
EnableMenuItem
CheckMenuItem
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
PostMessageW
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
GetMessageTime
ReleaseCapture
PostQuitMessage
OffsetRect

gdi32

SetTextColor
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SetViewportExtEx
ScaleViewportExtEx
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileW
SetStretchBltMode
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetCharWidthW
CreateFontW
StretchDIBits
GetCurrentObject
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetBkColor
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
SetPixelV
SetPolyFillMode
SetROP2
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
CreateDCW
CreateBitmap
SetWindowOrgEx
OffsetWindowOrgEx

winspool.drv

GetJobW
OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetFileTitleW

advapi32

SetFileSecurityW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegEnumValueW
RegSetValueExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetFileSecurityW

shell32

SHGetDesktopFolder
ShellExecuteExW
SHBrowseForFolderW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHAddToRecentDocs
SHAppBarMessage
DragQueryFileW
DragFinish
ExtractIconW
ShellExecuteW
SHGetFileInfoW

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
RegisterTypeLi
SysStringByteLen
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
LoadTypeLi
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
VarDateFromStr
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SysAllocStringByteLen
SysAllocString
SafeArrayRedim
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
SysFreeString

Exports

Exports

??4CAPEX_IOFXCHECKED_x86@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plsqldoc/APEX_IOFXCHECKED_x86.exe-slack
plsqldoc/WSsearch.ps1
.ps1
plsqldoc/frame.html
.html
plsqldoc/frame_Index.html
.html
plsqldoc/frame_home.html
.html
plsqldoc/index.html
.html
plsqldoc/index.html-slack
plsqldoc/plsqldoc.css
plsqldoc/plsqldoc.css-slack

Resubmissions

Sharing

General

Malware Config

Signatures

Files

2bc23e92f1f371568ab687366f466bbe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

msimg32

comctl32

shlwapi

oledlg

gdiplus

oleacc

imm32

winmm

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 478KB - Virtual size: 477KB

.data Size: 34KB - Virtual size: 64KB

text Size: 7.8MB - Virtual size: 7.8MB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 185KB - Virtual size: 185KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 478KB - Virtual size: 477KB

.data
Size: 34KB - Virtual size: 64KB

text
Size: 7.8MB - Virtual size: 7.8MB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 185KB - Virtual size: 185KB