edb.pdb
Static task
static1
Behavioral task
behavioral1
Sample
sqx.dll
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
sqx.dll
Resource
win10v2004-20241007-en
General
Target: sqx.dll
Size: 1.3MB
MD5: dd862590d9e4ea1791df147912ae4c8f
SHA1: 852d7a9ea4db5ff4cd51a92447a8d5701cfb322b
SHA256: 14ffcbbfb305287ea15264df3363567f36a26917ae2018af0f40e2009b8a7184
SHA512: 3e9222d8bd91d3e53f5e378318a78a7c5aa12011272031f7c0d8c36c5b255db1d0a168cc02e1159eb021dd18206352dd6dcb857fefc2222937c467350dc6d568
SSDEEP: 24576:pQrDp6J8JM3IgVvF7EtPCo1Frk5fRJhqYEjTvpAbHT0HRZonw4by:pQpI8JM3IwEtPCo1F45fvhq/jTyb4HR+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource sqx.dll
Files
sqx.dll.dll windows:6 windows x64 arch:x64
9a0edf641145d454a005af877887e965
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetFileSize
DeleteFileW
GetTempPathW
FlushFileBuffers
GetFileInformationByHandle
LockFileEx
UnlockFileEx
GetSystemTimeAsFileTime
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
SetFilePointer
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcess
GetLocaleInfoW
GetModuleFileNameW
LoadLibraryExW
WideCharToMultiByte
MultiByteToWideChar
GetFullPathNameW
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
HeapSize
SetStdHandle
GetStringTypeW
SetEndOfFile
WriteFile
ReadFile
FindClose
FindNextFileW
FindFirstFileExW
Sleep
GetLastError
GetCurrentProcessId
GetModuleHandleW
GetTickCount
InitializeCriticalSection
SetLastError
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetStdHandle
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
Exports
GetDbInterface
Sections
.text Size: 858KB - Virtual size: 858KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 246KB - Virtual size: 246KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ