bitlocker2john[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bitlocker2john.exe
Size

45KB
MD5

ec12e0b3f8a4ea5a16bb7ae22cb2dee6
SHA1

c7b2b98d2ad00179b6f64d8c722595b57250ea05
SHA256

b47742ec143966c0b74b53a342ada5de7caa830914494847bb3fcaa49a336404
SHA512

f907de4931ae94826935e2ced128097d406f416cf722670b6fc6142c64e75ff6fd396e5ea83b67b98457e824171357d0a1c84d4e7bd30d46e7d0598e2f3f1f80
SSDEEP

768:C757WkK7KGkISLDI2+F6nPDmvywvl+SaWScEtCw7gipODeKcccccccKKKKKKKKKN:C71WkK7KEQDI2vDmvHkYScEtCw7g0Y3d

Score

1^/10

Malware Config

Signatures

Files

bitlocker2john.exe
.exe windows x64

83b8481cd6e6cb58122d8c15f750720c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__assert_func
__cxa_atexit
__errno
__getreent
__locale_ctype_ptr
__main
_dll_crt0
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fclose
fflush
fgetc
fgets
fileno
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getc
getopt
isatty
malloc
memcpy
memset
optarg
optind
posix_memalign
printf
putchar
puts
realloc
snprintf
sprintf
sscanf
stpcpy
strcasecmp
strchr
strcmp
strcpy
strdup
strerror
strlen
strlwr
strncat
strnlen
strpbrk
strupr
ungetc
vfprintf
write

kernel32

GetModuleHandleA

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83b8481cd6e6cb58122d8c15f750720c

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

kernel32

Sections

.text Size: 30KB - Virtual size: 30KB

.data Size: 512B - Virtual size: 128B

.rdata Size: 6KB - Virtual size: 5KB

.buildid Size: 512B - Virtual size: 53B

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 10KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 6KB - Virtual size: 5KB

.buildid
Size: 512B - Virtual size: 53B

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 10KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB