79210042131bf5e485621ab49cece0eda365fdbbb3d9994dc312c2f3e4df10bf

Sharing

Copy URL

Twitter E-mail

General

Target

79210042131bf5e485621ab49cece0eda365fdbbb3d9994dc312c2f3e4df10bf
Size

5.7MB
MD5

b87a4f02e4c7a42ed191ce493d057fa8
SHA1

9bccfbb2332b1f2f0427e5597603dff0204d5512
SHA256

79210042131bf5e485621ab49cece0eda365fdbbb3d9994dc312c2f3e4df10bf
SHA512

56df4d943cff531ef4b7b65a44a98a0f86a40ce5fe0047c19d68d0c920a988fe60b4209298eb1ce78db980e6fff9b7806077dbe937fd033cdbe22e4240ec5c70
SSDEEP

98304:RCPVZPoIRgMwCoZ0ictC6iVvml6sIpUfB459ldp7IfQcd0lj/Mm56xSPSwC7iO:RW5gKuq6GfB4J7bcWljkmlPSwCj

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
79210042131bf5e485621ab49cece0eda365fdbbb3d9994dc312c2f3e4df10bf
unpack001/out.upx

Files

79210042131bf5e485621ab49cece0eda365fdbbb3d9994dc312c2f3e4df10bf
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0Backup@SQLite@@QAE@AAVDatabase@1@0@Z
??0Backup@SQLite@@QAE@AAVDatabase@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@01@Z
??0Backup@SQLite@@QAE@AAVDatabase@1@PBD01@Z
??0Column@SQLite@@QAE@$$QAV01@@Z
??0Column@SQLite@@QAE@ABV01@@Z
??0Column@SQLite@@QAE@ABV?$shared_ptr@Usqlite3_stmt@@@std@@H@Z
??0Database@SQLite@@QAE@$$QAV01@@Z
??0Database@SQLite@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH0@Z
??0Database@SQLite@@QAE@ABVpath@filesystem@std@@HHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
??0Database@SQLite@@QAE@PBDHH0@Z
??0Exception@SQLite@@QAE@$$QAV01@@Z
??0Exception@SQLite@@QAE@ABV01@@Z
??0Exception@SQLite@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Exception@SQLite@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??0Exception@SQLite@@QAE@PAUsqlite3@@@Z
??0Exception@SQLite@@QAE@PAUsqlite3@@H@Z
??0Exception@SQLite@@QAE@PBD@Z
??0Exception@SQLite@@QAE@PBDH@Z
??0Statement@SQLite@@QAE@$$QAV01@@Z
??0Statement@SQLite@@QAE@ABVDatabase@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Statement@SQLite@@QAE@ABVDatabase@1@PBD@Z
??1Backup@SQLite@@QAE@XZ
??1Column@SQLite@@QAE@XZ
??1Database@SQLite@@QAE@XZ
??1Exception@SQLite@@UAE@XZ
??1Statement@SQLite@@QAE@XZ
??4Column@SQLite@@QAEAAV01@$$QAV01@@Z
??4Column@SQLite@@QAEAAV01@ABV01@@Z
??4Database@SQLite@@QAEAAV01@$$QAV01@@Z
??4Exception@SQLite@@QAEAAV01@$$QAV01@@Z
??4Exception@SQLite@@QAEAAV01@ABV01@@Z
??4Statement@SQLite@@QAEAAV01@$$QAV01@@Z
??6SQLite@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AAV12@ABVColumn@0@@Z
??BColumn@SQLite@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??BColumn@SQLite@@QBECXZ
??BColumn@SQLite@@QBEDXZ
??BColumn@SQLite@@QBEEXZ
??BColumn@SQLite@@QBEFXZ
??BColumn@SQLite@@QBEGXZ
??BColumn@SQLite@@QBEHXZ
??BColumn@SQLite@@QBEIXZ
??BColumn@SQLite@@QBENXZ
??BColumn@SQLite@@QBEPBDXZ
??BColumn@SQLite@@QBEPBXXZ
??BColumn@SQLite@@QBE_JXZ
??RDeleter@Database@SQLite@@QAEXPAUsqlite3@@@Z
??_7Exception@SQLite@@6B@
?BLOB@SQLite@@3HB
?FLOAT@SQLite@@3HB
?INTEGER@SQLite@@3HB
?Null@SQLite@@3HB
?OK@SQLite@@3HB
?OPEN_CREATE@SQLite@@3HB
?OPEN_FULLMUTEX@SQLite@@3HB
?OPEN_MEMORY@SQLite@@3HB
?OPEN_NOFOLLOW@SQLite@@3HB
?OPEN_NOMUTEX@SQLite@@3HB
?OPEN_PRIVATECACHE@SQLite@@3HB
?OPEN_READONLY@SQLite@@3HB
?OPEN_READWRITE@SQLite@@3HB
?OPEN_SHAREDCACHE@SQLite@@3HB
?OPEN_URI@SQLite@@3HB
?TEXT@SQLite@@3HB
?VERSION@SQLite@@3QBDB
?VERSION_NUMBER@SQLite@@3HB
?backup@Database@SQLite@@QAEXPBDW4BackupType@12@@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@N@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBXH@Z
?bind@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?bind@Statement@SQLite@@QAEXH@Z
?bind@Statement@SQLite@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bind@Statement@SQLite@@QAEXHH@Z
?bind@Statement@SQLite@@QAEXHI@Z
?bind@Statement@SQLite@@QAEXHN@Z
?bind@Statement@SQLite@@QAEXHPBD@Z
?bind@Statement@SQLite@@QAEXHPBXH@Z
?bind@Statement@SQLite@@QAEXH_J@Z
?bind@Statement@SQLite@@QAEXPBD0@Z
?bind@Statement@SQLite@@QAEXPBD@Z
?bind@Statement@SQLite@@QAEXPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bind@Statement@SQLite@@QAEXPBDH@Z
?bind@Statement@SQLite@@QAEXPBDI@Z
?bind@Statement@SQLite@@QAEXPBDN@Z
?bind@Statement@SQLite@@QAEXPBDPBXH@Z
?bind@Statement@SQLite@@QAEXPBD_J@Z
?bindNoCopy@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?bindNoCopy@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?bindNoCopy@Statement@SQLite@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBXH@Z
?bindNoCopy@Statement@SQLite@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bindNoCopy@Statement@SQLite@@QAEXHPBD@Z
?bindNoCopy@Statement@SQLite@@QAEXHPBXH@Z
?bindNoCopy@Statement@SQLite@@QAEXPBD0@Z
?bindNoCopy@Statement@SQLite@@QAEXPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?bindNoCopy@Statement@SQLite@@QAEXPBDPBXH@Z
?check@Database@SQLite@@QBEXH@Z
?check@Statement@SQLite@@ABEXH@Z
?checkIndex@Statement@SQLite@@ABEXH@Z
?checkRow@Statement@SQLite@@ABEXXZ
?clearBindings@Statement@SQLite@@QAEXXZ
?createFunction@Database@SQLite@@QAEXPBDH_NPAXP6AXPAUsqlite3_context@@HPAPAUsqlite3_value@@@Z5P6AX3@ZP6AX2@Z@Z
?exec@Database@SQLite@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exec@Database@SQLite@@QAEHPBD@Z
?exec@Statement@SQLite@@QAEHXZ
?execAndGet@Database@SQLite@@QAE?AVColumn@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?execAndGet@Database@SQLite@@QAE?AVColumn@2@PBD@Z
?executeStep@Backup@SQLite@@QAEHH@Z
?executeStep@Statement@SQLite@@QAE_NXZ
?getBindParameterCount@Statement@SQLite@@QBEHXZ
?getBlob@Column@SQLite@@QBEPBXXZ
?getBytes@Column@SQLite@@QBEHXZ
?getChanges@Database@SQLite@@QBEHXZ
?getChanges@Statement@SQLite@@QBEHXZ
?getColumn@Statement@SQLite@@QBE?AVColumn@2@H@Z
?getColumn@Statement@SQLite@@QBE?AVColumn@2@PBD@Z
?getColumnCount@Statement@SQLite@@QBEHXZ
?getColumnDeclaredType@Statement@SQLite@@QBEPBDH@Z
?getColumnIndex@Statement@SQLite@@QBEHPBD@Z
?getColumnName@Statement@SQLite@@QBEPBDH@Z
?getColumnOriginName@Statement@SQLite@@QBEPBDH@Z
?getDouble@Column@SQLite@@QBENXZ
?getErrorCode@Database@SQLite@@QBEHXZ
?getErrorCode@Exception@SQLite@@QBEHXZ
?getErrorCode@Statement@SQLite@@QBEHXZ
?getErrorMsg@Database@SQLite@@QBEPBDXZ
?getErrorMsg@Statement@SQLite@@QBEPBDXZ
?getErrorStr@Exception@SQLite@@QBEPBDXZ
?getExpandedSQL@Statement@SQLite@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getExtendedErrorCode@Database@SQLite@@QBEHXZ
?getExtendedErrorCode@Exception@SQLite@@QBEHXZ
?getExtendedErrorCode@Statement@SQLite@@QBEHXZ
?getFilename@Database@SQLite@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getHandle@Database@SQLite@@QBEPAUsqlite3@@XZ
?getHeaderInfo@Database@SQLite@@QBE?AUHeader@2@XZ
?getHeaderInfo@Database@SQLite@@SA?AUHeader@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getIndex@Statement@SQLite@@QBEHQBD@Z
?getInt64@Column@SQLite@@QBE_JXZ
?getInt@Column@SQLite@@QBEHXZ
?getLastInsertRowid@Database@SQLite@@QBE_JXZ
?getLibVersion@SQLite@@YAPBDXZ
?getLibVersionNumber@SQLite@@YAHXZ
?getName@Column@SQLite@@QBEPBDXZ
?getOriginName@Column@SQLite@@QBEPBDXZ
?getPreparedStatement@Statement@SQLite@@ABEPAUsqlite3_stmt@@XZ
?getQuery@Statement@SQLite@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getRemainingPageCount@Backup@SQLite@@QBEHXZ
?getString@Column@SQLite@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getText@Column@SQLite@@QBEPBDPBD@Z
?getTotalChanges@Database@SQLite@@QBEHXZ
?getTotalPageCount@Backup@SQLite@@QBEHXZ
?getType@Column@SQLite@@QBEHXZ
?getUInt@Column@SQLite@@QBEIXZ
?hasRow@Statement@SQLite@@QBE_NXZ
?isBlob@Column@SQLite@@QBE_NXZ
?isColumnNull@Statement@SQLite@@QBE_NH@Z
?isColumnNull@Statement@SQLite@@QBE_NPBD@Z
?isDone@Statement@SQLite@@QBE_NXZ
?isFloat@Column@SQLite@@QBE_NXZ
?isInteger@Column@SQLite@@QBE_NXZ
?isNull@Column@SQLite@@QBE_NXZ
?isText@Column@SQLite@@QBE_NXZ
?isUnencrypted@Database@SQLite@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?key@Database@SQLite@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?loadExtension@Database@SQLite@@QAEXPBD0@Z
?prepareStatement@Statement@SQLite@@AAE?AV?$shared_ptr@Usqlite3_stmt@@@std@@XZ
?rekey@Database@SQLite@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?reset@Statement@SQLite@@QAEXXZ
?setBusyTimeout@Database@SQLite@@QAEXH@Z
?size@Column@SQLite@@QBEHXZ
?tableExists@Database@SQLite@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?tableExists@Database@SQLite@@QBE_NPBD@Z
?tryExec@Database@SQLite@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?tryExec@Database@SQLite@@QAEHPBD@Z
?tryExecuteStep@Statement@SQLite@@QAEHXZ
?tryReset@Statement@SQLite@@QAEHXZ
GetSignInfoAsJson
NtfsToolExtract
sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_is_interrupted
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_explain
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_encoding
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug

Sections

.text
Size: 2.9MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 804KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 9.9MB

UPX1 Size: 5.5MB - Virtual size: 5.5MB

.rsrc Size: 140KB - Virtual size: 144KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.8MB

.rdata Size: 804KB - Virtual size: 801KB

.data Size: 56KB - Virtual size: 68KB

.rsrc Size: 11.5MB - Virtual size: 11.5MB

.reloc Size: 136KB - Virtual size: 134KB

UPX0
Size: - Virtual size: 9.9MB

UPX1
Size: 5.5MB - Virtual size: 5.5MB

.rsrc
Size: 140KB - Virtual size: 144KB

.text
Size: 2.9MB - Virtual size: 2.8MB

.rdata
Size: 804KB - Virtual size: 801KB

.data
Size: 56KB - Virtual size: 68KB

.rsrc
Size: 11.5MB - Virtual size: 11.5MB

.reloc
Size: 136KB - Virtual size: 134KB