bkbc[.]dll | Triage

Resubmissions

14/05/2023, 18:31

230514-w58bfscg53 10

Sharing

Copy URL Twitter E-mail

General

Target

bkbc.dll
Size

1.7MB
MD5

0c0ebd73cacb79b19dfd95dc3a5019ee
SHA1

ce62969554656e30765ee7eb27a51dd79367392a
SHA256

c61a3b75e95ea37acb0d7653126ce080c807caf182c5002d2a2185e87f533dd6
SHA512

a9af2bdcf17902381f6ba2d712c40bcf5dda08deeef3bfd93a66533d32ef0c27e5363107caedb041e6087fb6ba8d7ef2a23d2cdc1e0c2f2d8e71da96947018f0
SSDEEP

24576:Tr+6Dr8GSUAAvCl7Wf3F5zrcqz5lIhHqSTUzO1Sp7z2wIEQuboC7:f+C0jAKeRz7sqSeOgdIEQa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bkbc.dll

Files

bkbc.dll
.dll windows x86

e5f285b8e49d243627585d8cc4bcaddd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winhttp

WinHttpConnect
WinHttpReceiveResponse
WinHttpOpen
WinHttpReadData
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpSendRequest
WinHttpQueryDataAvailable

shlwapi

PathFindFileNameW
PathFileExistsW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
SizeofResource
LockResource
GlobalAlloc
GlobalFree
LoadResource
FindResourceW
GlobalLock
LoadLibraryA
ExitProcess
GetModuleHandleW
lstrcpyW
CreateDirectoryW
ReadFile
SetHandleInformation
GetModuleFileNameW
CreatePipe
GetCurrentThreadId
Sleep
CloseHandle
GetLocalTime
GetTimeFormatW
CreateProcessW
GetDateFormatW
AreFileApisANSI
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateFileW
GetFileAttributesW
GetVersionExW
UnmapViewOfFile
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
CreateFileA
DeleteFileA
DeleteFileW
SetEnvironmentVariableW
LoadLibraryW
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
GetTimeZoneInformation
ReadConsoleW
HeapAlloc
HeapFree
GetCommandLineA
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
GetCommandLineW
GetProcessHeap
SetStdHandle
WriteConsoleW
HeapSize
GetSystemInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InitializeCriticalSectionEx
EncodePointer
DecodePointer

user32

EnumChildWindows
CallNextHookEx
MoveWindow
UnhookWindowsHookEx
EnumWindows
SetWindowsHookExW
EnableMenuItem
SetForegroundWindow
SendInput
GetWindowTextW
MessageBoxW
SetWindowTextW
ShowWindow
EnableWindow
CallWindowProcW
GetFocus
IsWindowVisible
GetDlgItemTextW
SendDlgItemMessageW
GetSysColor
SetFocus
GetDlgItem
UpdateWindow
InvalidateRect
GetWindowLongW
CreateDialogParamW
SetWindowPos
ClientToScreen
SetWindowLongW
GetClientRect
CreateDialogIndirectParamW
SendMessageW
DestroyWindow
SetActiveWindow
SetDlgItemTextW
GetKeyState
GetWindowRect

gdi32

SetTextColor
SetBkMode
CreateSolidBrush
CreateFontW

comdlg32

GetSaveFileNameW

Exports

Exports

VisibleEntry
beNotified
getFuncsArray
getName
isUnicode
messageProc
setInfo

Sections

.text
Size: 823KB - Virtual size: 822KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 702KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

e5f285b8e49d243627585d8cc4bcaddd

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

shlwapi

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 823KB - Virtual size: 822KB

.rdata Size: 157KB - Virtual size: 157KB

.data Size: 702KB - Virtual size: 712KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 823KB - Virtual size: 822KB

.rdata
Size: 157KB - Virtual size: 157KB

.data
Size: 702KB - Virtual size: 712KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 30KB - Virtual size: 30KB