| Architecture | IMAGE_FILE_MACHINE_I386 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2023-Oct-27 12:45:07 |
| Detected languages | English - United States |
| Debug artifacts | C:\mertech\flex2sql\17.1-legacy\bld\Release\Win32\sql_drv.pdb |
| CompanyName | Mertech Data Systems Inc. 18503 Pines Boulevard, Suite 312 - Pembroke Pines, FL 33029 Tel. (954) 585-9016 |
| FileDescription | Flex2SQL™ Classic Edition for Microsoft SQL |
| FileVersion | 17.1.9897.0 |
| InternalName | sql_drv |
| LegalCopyright | Copyright © 1997 - 2023 Flex2SQL (TM) is a trademark of Mertech Data Systems Inc |
| OriginalFilename | sql_drv |
| ProductName | Flex2SQL™ Classic Edition for Microsoft SQL |
| ProductVersion | 17.1.9897.0 |
| Info | Matching compiler(s): | Microsoft Visual C++ v6.0 DLL, Microsoft Visual C++ 6.0 - 8.0, Microsoft Visual C++ |
| Suspicious | Strings found in the binary may indicate undesirable behavior: | May have dropper capabilities: |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to SHA256 |
| Suspicious | The PE is possibly packed. | Unusual section name found: .sdata |
| Malicious | The PE contains functions mostly used by malware. | [!] The program may be hiding some of its imports: |
| Info | The PE is digitally signed. | Signer: Mertech Data Systems; Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 |
| Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x120 |
| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_I386 |
| NumberofSections | 6 |
| TimeDateStamp | 2023-Oct-27 12:45:07 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xe0 |
| Characteristics | IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DLL, IMAGE_FILE_EXECUTABLE_IMAGE |
| Magic | PE32 |
|---|---|
| LinkerVersion | 14.0 |
| SizeOfCode | 0xd9c00 |
| SizeOfInitializedData | 0x81000 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x00098140 (Section: .text) |
| BaseOfCode | 0x1000 |
| BaseOfData | 0xdb000 |
| ImageBase | 0x10000000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 6.0 |
| ImageVersion | 0.0 |
| SubsystemVersion | 6.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x15f000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0x12636e |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_NX_COMPAT |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |
| VERSION.dll |
GetFileVersionInfoA
GetFileVersionInfoSizeA VerQueryValueA |
|---|---|
| PSAPI.DLL |
EnumProcessModules
|
| KERNEL32.dll |
GetCurrentProcessId
FormatMessageA VerSetConditionMask VerifyVersionInfoW LocalFree OutputDebugStringA GetCurrentProcess CloseHandle UnmapViewOfFile CreateFileMappingA MapViewOfFile CreateMutexA ReleaseMutex WaitForSingleObject GetSystemTimeAsFileTime Sleep SetUnhandledExceptionFilter GetLocaleInfoA OpenProcess GetModuleHandleA WaitForMultipleObjects CreateEventA DuplicateHandle SetEvent CreateNamedPipeA GetModuleFileNameW LCMapStringA GetVersion GetProcAddress LocalAlloc lstrcmpA lstrlenA LoadLibraryA ProcessIdToSessionId ReadFile GetTimeZoneInformation RtlUnwind LoadLibraryW UnregisterWaitEx QueryDepthSList InterlockedFlushSList InterlockedPushEntrySList InterlockedPopEntrySList ReleaseSemaphore VirtualFree VirtualProtect VirtualAlloc GetVersionExW LoadLibraryExW FreeLibraryAndExitThread GetThreadTimes UnregisterWait RegisterWaitForSingleObject SetThreadAffinityMask GetProcessAffinityMask GetNumaHighestNodeNumber DeleteTimerQueueTimer ChangeTimerQueueTimer CreateTimerQueueTimer GetLogicalProcessorInformation GetThreadPriority SetThreadPriority CreateThread SignalObjectAndWait CreateTimerQueue QueryPerformanceFrequency DeleteCriticalSection DecodePointer RaiseException InitializeCriticalSectionEx GetLastError QueryPerformanceCounter GetComputerNameA WideCharToMultiByte GetModuleFileNameA lstrcpynA MultiByteToWideChar GetDriveTypeW GetFullPathNameA SetFilePointerEx LockFileEx FreeLibrary VirtualQuery WriteConsoleW SetEnvironmentVariableA FreeEnvironmentStringsW GetEnvironmentStringsW GetCommandLineW GetCommandLineA GetOEMCP IsValidCodePage FindNextFileA FindFirstFileExA TerminateProcess InitializeSListHead GetStartupInfoW UnhandledExceptionFilter IsProcessorFeaturePresent ResetEvent OutputDebugStringW IsDebuggerPresent GetCPInfo UnlockFileEx GetStringTypeW GetLocaleInfoW SetEndOfFile GetProcessHeap SetStdHandle FlushFileBuffers GetConsoleCP WriteFile HeapReAlloc EnumSystemLocalesW GetUserDefaultLCID IsValidLocale GetStdHandle GetACP HeapAlloc HeapFree ExitProcess LCMapStringW 
ReadConsoleW GetConsoleMode FileTimeToSystemTime SystemTimeToTzSpecificLocalTime PeekNamedPipe GetFileType GetModuleHandleExW ExitThread HeapSize FormatMessageW WaitForSingleObjectEx SwitchToThread GetCurrentThread GetCurrentThreadId GetExitCodeThread EnterCriticalSection LeaveCriticalSection TryEnterCriticalSection GetCurrentDirectoryW CreateFileW DeleteFileW FindClose FindFirstFileExW GetFileAttributesExW GetFileInformationByHandle GetFullPathNameW AreFileApisANSI SetLastError GetModuleHandleW EncodePointer InitializeCriticalSectionAndSpinCount CreateEventW TlsAlloc TlsGetValue TlsSetValue TlsFree GetTickCount CompareStringW |
| USER32.dll |
OemToCharA
KillTimer SetTimer IsWindowVisible EndDialog IsDlgButtonChecked SendMessageA SetForegroundWindow CharToOemBuffA SetFocus CheckDlgButton SetDlgItemTextA ShowWindow GetDlgItem EnableWindow SetWindowPos GetWindowRect DialogBoxParamA GetWindow GetParent IsWindowEnabled GetActiveWindow GetDlgItemTextA MessageBeep GetUserObjectInformationA GetProcessWindowStation MessageBoxA CharToOemA OemToCharBuffA GetSystemMetrics |
| ADVAPI32.dll |
RegOpenKeyA
RegNotifyChangeKeyValue DeregisterEventSource ReportEventA RegisterEventSourceA SetSecurityDescriptorDacl InitializeSecurityDescriptor OpenProcessToken AdjustTokenPrivileges LookupPrivilegeValueA RegDeleteKeyA RegSetValueExA RegCreateKeyExA RegQueryValueExA RegOpenKeyExA RegCloseKey RegEnumKeyExW RegOpenKeyExW |
| ole32.dll |
CoCreateGuid
CoGetMalloc CoTaskMemAlloc CLSIDFromString StringFromGUID2 CoInitialize CoTaskMemRealloc CoCreateInstance CoTaskMemFree StringFromCLSID |
| OLEAUT32.dll |
VariantInit
VariantTimeToSystemTime VarBstrCat SysStringLen SysStringByteLen SysAllocStringByteLen VariantClear GetErrorInfo SysAllocStringLen SysFreeString VarDateFromStr |
| WS2_32.dll |
setsockopt
send closesocket shutdown freeaddrinfo getaddrinfo gethostbyname inet_addr getsockopt WSAPoll connect socket WSAGetLastError recv ioctlsocket WSAStartup |
| WINHTTP.dll |
WinHttpQueryHeaders
WinHttpReceiveResponse WinHttpSendRequest WinHttpOpenRequest WinHttpConnect WinHttpOpen WinHttpCloseHandle |
| Ordinal | 1 |
|---|---|
| Address | 0x75ab0 |
| Ordinal | 2 |
|---|---|
| Address | 0x75ac0 |
| Ordinal | 3 |
|---|---|
| Address | 0x75ae0 |
| Ordinal | 4 |
|---|---|
| Address | 0x58360 |
| Ordinal | 5 |
|---|---|
| Address | 0x9f00 |
| Ordinal | 6 |
|---|---|
| Address | 0x9f00 |
| Ordinal | 7 |
|---|---|
| Address | 0x64c90 |
| Ordinal | 8 |
|---|---|
| Address | 0x6aef0 |
| Ordinal | 9 |
|---|---|
| Address | 0x57ca0 |
| Ordinal | 10 |
|---|---|
| Address | 0x58050 |
| Ordinal | 11 |
|---|---|
| Address | 0x5d970 |
| Ordinal | 12 |
|---|---|
| Address | 0x63170 |
| Ordinal | 13 |
|---|---|
| Address | 0x72360 |
| Ordinal | 14 |
|---|---|
| Address | 0x70200 |
| Ordinal | 15 |
|---|---|
| Address | 0x70720 |
| Ordinal | 16 |
|---|---|
| Address | 0x60100 |
| Ordinal | 17 |
|---|---|
| Address | 0x5e340 |
| Ordinal | 18 |
|---|---|
| Address | 0x635c0 |
| Ordinal | 19 |
|---|---|
| Address | 0x64d30 |
| Ordinal | 20 |
|---|---|
| Address | 0x6f870 |
| Ordinal | 21 |
|---|---|
| Address | 0x5f4b0 |
| Ordinal | 22 |
|---|---|
| Address | 0x633e0 |
| Ordinal | 23 |
|---|---|
| Address | 0x5dc10 |
| Ordinal | 24 |
|---|---|
| Address | 0x5e0a0 |
| Ordinal | 25 |
|---|---|
| Address | 0x659f0 |
| Ordinal | 26 |
|---|---|
| Address | 0x65c30 |
| Ordinal | 27 |
|---|---|
| Address | 0x75740 |
| Ordinal | 28 |
|---|---|
| Address | 0x75420 |
| Ordinal | 29 |
|---|---|
| Address | 0x73940 |
| Ordinal | 30 |
|---|---|
| Address | 0x72eb0 |
| Ordinal | 31 |
|---|---|
| Address | 0x725a0 |
| Ordinal | 32 |
|---|---|
| Address | 0x72370 |
| Ordinal | 33 |
|---|---|
| Address | 0x72590 |
| Ordinal | 34 |
|---|---|
| Address | 0x50f80 |
| Ordinal | 35 |
|---|---|
| Address | 0x529c0 |
| Ordinal | 36 |
|---|---|
| Address | 0x53d40 |
| Ordinal | 37 |
|---|---|
| Address | 0x56780 |
| Ordinal | 38 |
|---|---|
| Address | 0x66040 |
| Ordinal | 39 |
|---|---|
| Address | 0x66e60 |
| Ordinal | 40 |
|---|---|
| Address | 0x5ce10 |
| Ordinal | 41 |
|---|---|
| Address | 0x65720 |
| Ordinal | 42 |
|---|---|
| Address | 0x657e0 |
| Ordinal | 43 |
|---|---|
| Address | 0x5d770 |
| Ordinal | 44 |
|---|---|
| Address | 0x2cd30 |
| Ordinal | 45 |
|---|---|
| Address | 0x50f80 |
| Ordinal | 46 |
|---|---|
| Address | 0x529c0 |
| Ordinal | 47 |
|---|---|
| Address | 0x53d40 |
| Ordinal | 48 |
|---|---|
| Address | 0x56780 |
| Ordinal | 49 |
|---|---|
| Address | 0x58360 |
| Ordinal | 50 |
|---|---|
| Address | 0x5ce10 |
| Ordinal | 51 |
|---|---|
| Address | 0x5dc10 |
| Ordinal | 52 |
|---|---|
| Address | 0x5e0a0 |
| Ordinal | 53 |
|---|---|
| Address | 0x5f4b0 |
| Ordinal | 54 |
|---|---|
| Address | 0x64d30 |
| Ordinal | 55 |
|---|---|
| Address | 0x5e340 |
| Ordinal | 56 |
|---|---|
| Address | 0x633e0 |
| Ordinal | 57 |
|---|---|
| Address | 0x6f870 |
| Ordinal | 58 |
|---|---|
| Address | 0x635c0 |
| Ordinal | 59 |
|---|---|
| Address | 0x57ca0 |
| Ordinal | 60 |
|---|---|
| Address | 0x58050 |
| Ordinal | 61 |
|---|---|
| Address | 0x63170 |
| Ordinal | 62 |
|---|---|
| Address | 0x5d970 |
| Ordinal | 63 |
|---|---|
| Address | 0x9f00 |
| Ordinal | 64 |
|---|---|
| Address | 0x6aef0 |
| Ordinal | 65 |
|---|---|
| Address | 0x64c90 |
| Ordinal | 66 |
|---|---|
| Address | 0x72360 |
| Ordinal | 67 |
|---|---|
| Address | 0x9f00 |
| Ordinal | 68 |
|---|---|
| Address | 0x5d770 |
| Ordinal | 69 |
|---|---|
| Address | 0x657e0 |
| Ordinal | 70 |
|---|---|
| Address | 0x65720 |
| Ordinal | 71 |
|---|---|
| Address | 0x659f0 |
| Ordinal | 72 |
|---|---|
| Address | 0x65c30 |
| Ordinal | 73 |
|---|---|
| Address | 0x66040 |
| Ordinal | 74 |
|---|---|
| Address | 0x66e60 |
| Ordinal | 75 |
|---|---|
| Address | 0x70200 |
| Ordinal | 76 |
|---|---|
| Address | 0x60100 |
| Ordinal | 77 |
|---|---|
| Address | 0x70720 |
| Ordinal | 78 |
|---|---|
| Address | 0x72370 |
| Ordinal | 79 |
|---|---|
| Address | 0x72590 |
| Ordinal | 80 |
|---|---|
| Address | 0x725a0 |
| Ordinal | 81 |
|---|---|
| Address | 0x72eb0 |
| Ordinal | 82 |
|---|---|
| Address | 0x73940 |
| Ordinal | 83 |
|---|---|
| Address | 0x75420 |
| Ordinal | 84 |
|---|---|
| Address | 0x75740 |
| Ordinal | 100 |
|---|---|
| Address | 0x32fa0 |
| Ordinal | 101 |
|---|---|
| Address | 0x32fb0 |
| Ordinal | 102 |
|---|---|
| Address | 0x33070 |
| Ordinal | 103 |
|---|---|
| Address | 0x33080 |
| Ordinal | 104 |
|---|---|
| Address | 0x33250 |
| Ordinal | 105 |
|---|---|
| Address | 0x33660 |
| Ordinal | 106 |
|---|---|
| Address | 0x7bad0 |
| Ordinal | 107 |
|---|---|
| Address | 0x7b840 |
| Ordinal | 110 |
|---|---|
| Address | 0xaf50 |
| Ordinal | 111 |
|---|---|
| Address | 0xb060 |
| Ordinal | 112 |
|---|---|
| Address | 0xb200 |
| Ordinal | 113 |
|---|---|
| Address | 0xb380 |
| Ordinal | 114 |
|---|---|
| Address | 0xb3e0 |
| Ordinal | 115 |
|---|---|
| Address | 0xb420 |
| Ordinal | 116 |
|---|---|
| Address | 0xb460 |
| Ordinal | 117 |
|---|---|
| Address | 0xb4a0 |
| Ordinal | 118 |
|---|---|
| Address | 0xb4e0 |
| Ordinal | 119 |
|---|---|
| Address | 0xb980 |
| Ordinal | 120 |
|---|---|
| Address | 0xb520 |
| Ordinal | 121 |
|---|---|
| Address | 0xb560 |
| Ordinal | 122 |
|---|---|
| Address | 0xb5a0 |
| Ordinal | 123 |
|---|---|
| Address | 0xb5e0 |
| Ordinal | 124 |
|---|---|
| Address | 0xb780 |
| Ordinal | 125 |
|---|---|
| Address | 0xb7e0 |
| Ordinal | 126 |
|---|---|
| Address | 0xb780 |
| Ordinal | 127 |
|---|---|
| Address | 0xb9d0 |
| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 17.1.9897.0 |
| ProductVersion | 17.1.9897.0 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32, VOS_NT, VOS_NT_WINDOWS32, VOS_WINCE, VOS__WINDOWS32 |
| FileType | VFT_DLL |
| Language | English - United States |
| CompanyName | Mertech Data Systems Inc. 18503 Pines Boulevard, Suite 312 - Pembroke Pines, FL 33029 Tel. (954) 585-9016 |
| FileDescription | Flex2SQL™ Classic Edition for Microsoft SQL |
| FileVersion (#2) | 17.1.9897.0 |
| InternalName | sql_drv |
| LegalCopyright | Copyright © 1997 - 2023 Flex2SQL (TM) is a trademark of Mertech Data Systems Inc |
| OriginalFilename | sql_drv |
| ProductName | Flex2SQL™ Classic Edition for Microsoft SQL |
| ProductVersion (#2) | 17.1.9897.0 |
| Resource LangID | English - United States |
|---|
| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2023-Oct-27 12:45:07 |
| Version | 0.0 |
| SizeofData | 86 |
| AddressOfRawData | 0xfde18 |
| PointerToRawData | 0xfce18 |
| Referenced File | C:\mertech\flex2sql\17.1-legacy\bld\Release\Win32\sql_drv.pdb |
| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2023-Oct-27 12:45:07 |
| Version | 0.0 |
| SizeofData | 20 |
| AddressOfRawData | 0xfde70 |
| PointerToRawData | 0xfce70 |
| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2023-Oct-27 12:45:07 |
| Version | 0.0 |
| SizeofData | 912 |
| AddressOfRawData | 0xfde84 |
| PointerToRawData | 0xfce84 |
| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2023-Oct-27 12:45:07 |
| Version | 0.0 |
| SizeofData | 0 |
| AddressOfRawData | 0 |
| PointerToRawData | 0 |
| StartAddressOfRawData | 0x100fe224 |
|---|---|
| EndAddressOfRawData | 0x100fe22c |
| AddressOfIndex | 0x1010c478 |
| AddressOfCallbacks | 0x100db4b8 |
| SizeOfZeroFill | 0 |
| Characteristics | IMAGE_SCN_ALIGN_4BYTES |
| Callbacks | (EMPTY) |
| Size | 0xa0 |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x1010906c |
| SEHandlerTable | 0x100fd8a0 |
| SEHandlerCount | 350 |
| XOR Key | 0x1c885f0c |
|---|---|
| Unmarked objects | 0 |
| ASM objects (VS2015 v14.0.? compiler 24610) | 20 |
| C++ objects (VS2015 v14.0.? compiler 24610) | 186 |
| C objects (VS2015 v14.0.? compiler 24610) | 24 |
| ASM objects (VS 2015/2017 runtime 26706) | 27 |
| C++ objects (VS 2015/2017 runtime 26706) | 121 |
| C objects (VS 2015/2017 runtime 26706) | 37 |
| C objects (CVTCIL) (VS2015 v14.0.? compiler 24610) | 5 |
| Imports (VS2015 v14.0.? compiler 24610) | 19 |
| Total imports | 283 |
| C++ objects (LTCG) (27045) | 118 |
| Exports (27045) | 1 |
| Resource objects (27045) | 1 |
| 151 | 2 |
| Linker (27045) | 1 |