bb50000[.]dll[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bb50000.dll.exe
Size

284KB
MD5

62546d2740fd48d4b831a6f1baf31859
SHA1

71be4b5c583169d5d803a3f80347f6388386f20c
SHA256

de74906547ec883e6bf5eec0f360e627175505074dc17632907db26b67a448ca
SHA512

025054f324d301b6b0f8eb14e8fae53f4568a218f38f813c9970f049576b2f30a370dcf807044cebd5eebf9a140e3506456ca73df1e57d6dfecc2ee5e46b75f5
SSDEEP

6144:dCf08fLIWAYpBJ7TBV16yH8UDfQhTi07imE6G4vvQl/cK8c5dMZ5JAPA13iX:dwTAYpBJ7PgyciQh+02mELRvbMZ5JAP

Score

N/A

Malware Config

Signatures

Files

bb50000.dll.exe
.dll windows x64

8387e933834be1b0b751f3630a616f4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

_strnicmp
memcmp
memset
ZwQueryInformationProcess
ZwQueryKey
NtSuspendProcess
NtSetContextThread
RtlNtStatusToDosError
NtResumeProcess
NtGetContextThread
NtSetInformationProcess
_wcsnicmp
NtMapViewOfSection
NtUnmapViewOfSection
ZwClose
NtCreateSection
memmove
NtQuerySystemInformation
RtlInitUnicodeString
NtQueryInformationFile
NtQueryInformationProcess
NtQueryDirectoryFile
NtQueryObject
ZwOpenProcessToken
ZwOpenProcess
ZwQueryInformationToken
RtlEqualUnicodeString
LdrFindEntryForAddress
_strupr
strcpy
memcpy
__chkstk
__C_specific_handler
VirtualAlloc
SystemTimeToFileTime
RaiseException
CreateIoCompletionPort
PostQueuedCompletionStatus
GetSystemInfo
GetQueuedCompletionStatus
LocalAlloc
HeapReAlloc
RemoveVectoredExceptionHandler
HeapAlloc
HeapFree
SetEvent
CreateEventA
HeapDestroy
HeapCreate
GetLastError
AddVectoredExceptionHandler
GetCurrentThreadId
GetVersion
SwitchToThread
lstrlenA
WideCharToMultiByte
lstrcatA
MultiByteToWideChar
lstrlenW
SetLastError
lstrcmpiW
lstrcatW
LocalFree
lstrcpyW
lstrcpyA
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
DeleteCriticalSection
CloseHandle
CreateThread
GetComputerNameW
CreateMutexA
GetCurrentProcessId
lstrcpynA
lstrcpynW
lstrcmpiA
SetEnvironmentVariableW
SetErrorMode
SetUnhandledExceptionFilter
OpenProcess
Sleep
TerminateProcess
GetProcAddress
WaitForMultipleObjects
LoadLibraryA
CreateDirectoryW
ReleaseMutex
GlobalDeleteAtom
GlobalAddAtomA
IsBadReadPtr
IsBadStringPtrA
FreeLibrary
lstrcmpA
VirtualQuery
GetCurrentProcess
VirtualProtect
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetVersionExW
CreateFileA
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CreateFileW
GetTempPathW
GetLongPathNameW
VirtualFree
ReadProcessMemory
CreateWaitableTimerA
VirtualAllocEx
GetModuleFileNameA
WriteProcessMemory
GetThreadContext
VirtualProtectEx
SuspendThread
ResumeThread
CopyFileW
GetFileAttributesExW
FindFirstFileW
CompareFileTime
lstrcmpW
FindClose
FindNextFileW
GetEnvironmentVariableW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
OpenEventA
GetSystemWindowsDirectoryA
SetFilePointerEx
GetFileInformationByHandleEx
SetFileInformationByHandle
GetProcessId
RemoveDirectoryW
DuplicateHandle
DeleteFileW
MulDiv
GetTickCount
GetSystemTimeAsFileTime
GetProcessTimes
GetLocaleInfoW
VerLanguageNameW
SetWaitableTimer
CancelWaitableTimer
WaitForSingleObjectEx
ResetEvent
OpenThread
GetSystemTime
AcceptEx
GetAcceptExSockaddrs

Exports

Exports

PluginRegisterCallbacks
VncStartServer
VncStopServer

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8387e933834be1b0b751f3630a616f4f

Headers

File Characteristics

Imports

Exports

Exports

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 26KB - Virtual size: 31KB

.pdata Size: 7KB - Virtual size: 6KB

.bss Size: 18KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 26KB - Virtual size: 31KB

.pdata
Size: 7KB - Virtual size: 6KB

.bss
Size: 18KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 4KB