Static task: static1
Behavioral task: behavioral1
Sample: bjh29.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: bjh29.exe
Resource: win10v2004-20230220-en
General
Target: bjh29.exe
Size: 3.0MB
MD5: 86c6c878603861c381b905e19ab68af1
SHA1: 9aa0a6d00bf6b3165216db24e2cc6375c0ccb34b
SHA256: 3948c1e5cfe095515f317b8c48a0732e4629ef4ecf1e4ef5e25ab1f01c3241c5
SHA512: 4124b0610520d254d09b0c66945c077905a1537c0dbef712bf65737b8833f2db512be19823658526263d457bbcc0822b69b3dd183f032db9996828f71e7a2872
SSDEEP: 98304:ByHwX/dvyCkQAgx5yCW0BEc38HdnSLgP9+UVur:ByHwvdvPkQAgjyn6EjS0P9HVur
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: bjh29.exe
Files
bjh29.exe.exe windows x86
9b95a2b54db5aaa0ef4760a5d73c52ba
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
GetStdHandle
InitializeCriticalSectionAndSpinCount
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapSize
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
Sleep
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
SetErrorMode
GlobalFlags
GetFileSizeEx
FileTimeToLocalFileTime
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetModuleHandleW
FileTimeToSystemTime
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetCurrentProcessId
InterlockedDecrement
GetModuleFileNameW
FreeResource
WinExec
GetWindowsDirectoryA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
GetModuleFileNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetFileTime
GlobalFree
FormatMessageA
LocalFree
MultiByteToWideChar
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetLastError
GlobalAlloc
MulDiv
GlobalLock
GlobalUnlock
SetFileTime
GetFileAttributesA
CreateDirectoryA
LocalFileTimeToFileTime
lstrcpyA
lstrlenA
lstrcatA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetCurrentThreadId
DeleteFileA
WriteFile
FlushViewOfFile
FindFirstFileA
FindClose
CreateFileA
GetLastError
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
LoadResource
LockResource
SizeofResource
FindResourceA
GetFileType
user32
UnregisterClassA
DestroyIcon
CharNextA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
WindowFromPoint
MapVirtualKeyA
GetKeyNameTextA
IsZoomed
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnpackDDElParam
ReuseDDElParam
GetWindowThreadProcessId
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
GetDesktopWindow
RedrawWindow
TranslateMDISysAccel
BringWindowToTop
GetActiveWindow
DrawMenuBar
DefFrameProcA
DestroyMenu
GetMenuItemInfoA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
PostThreadMessageA
SetForegroundWindow
PostMessageA
MessageBoxA
GetClassInfoExA
GetClassInfoA
RegisterClassA
EqualRect
DeferWindowPos
SetScrollInfo
SetWindowPlacement
DefWindowProcA
GetMenu
IntersectRect
GetWindowPlacement
IsIconic
AdjustWindowRectEx
IsChild
PtInRect
PeekMessageA
CharUpperA
GetWindowTextLengthA
SetWindowPos
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
SetMenuItemInfoA
DrawEdge
CopyIcon
GetKeyState
SetCapture
SetTimer
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseCapture
KillTimer
GetCursorPos
ScreenToClient
LoadCursorA
CreateMenu
CopyAcceleratorTableA
SetCursor
GetSysColorBrush
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
GetDlgItem
IsWindow
CreateCaret
SetCaretPos
ShowCaret
HideCaret
UpdateWindow
DrawFocusRect
SetRect
FillRect
CopyRect
GetWindowTextA
DrawStateA
InvalidateRect
wsprintfA
GetClientRect
GetSysColor
GetWindowRect
OffsetRect
InflateRect
CallWindowProcA
GetClassNameA
GetWindowLongA
SetPropA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetPropA
SetWindowLongA
RemovePropA
GetDC
ReleaseDC
SystemParametersInfoA
SendMessageA
GetSystemMetrics
IsWindowVisible
EnableWindow
ClientToScreen
LoadMenuA
GetSubMenu
GetParent
CreateWindowExA
DrawIconEx
gdi32
RectVisible
TextOutA
Escape
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
PtVisible
GetTextMetricsA
CreateRectRgnIndirect
GetBkColor
GetCharWidthA
CreateFontA
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
Ellipse
GetTextColor
GetRgnBox
GetViewportExtEx
GetWindowExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
MoveToEx
LineTo
IntersectClipRect
DeleteDC
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
GetStockObject
PatBlt
DPtoLP
CreateBitmap
GetObjectA
GetDeviceCaps
CreateFontIndirectA
RoundRect
GetTextExtentPoint32A
CreatePen
CreateSolidBrush
GetPixel
SetPixel
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
ExcludeClipRect
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
shell32
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
_TrackMouseEvent
shlwapi
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
oleaut32
SysStringLen
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
wininet
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
Sections
.text Size: 360KB - Virtual size: 360KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ