beoclient[.]exe

General

Target

beoclient.exe
Size

276KB
MD5

4fd21f72ae8aed8d7e49eb5b67ea851a
SHA1

4e8c3244c68bbbe23eb7bc7d785bde1fbb079866
SHA256

78d710c81abc7be850515d20e5066c4c5b6b76e64736c41ae20f7fc3929006aa
SHA512

2220eb46b5969da14d7107f107549c71d6d73be6207d8938c62002b817db01ba79beaee277a4ed33255cf901b1e4a5ff647aa074ffe7ed0e595c747841ab3b47
SSDEEP

6144:33K9e8HlKokcaBFV3dEA79doWUfZbSYnJ5qdfc:3aRezt35d2Z1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beoclient.exe

Files

beoclient.exe
.exe windows:4 windows x86

6aa25ea85eafa7e50d9517a07aeecf1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CloseHandle
CreateFileA
GetNumberOfConsoleInputEvents
PeekNamedPipe
FlushConsoleInputBuffer
SetConsoleMode
GetConsoleMode
GetStdHandle
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
GetLastError
SetConsoleCtrlHandler
ExitProcess
TerminateProcess
GetCurrentProcess
PeekConsoleInputA
GetCommandLineA
GetVersion
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetProcAddress
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
WriteFile
UnhandledExceptionFilter
ReadFile
SetFilePointer
GetFileAttributesA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
RaiseException
SetEndOfFile
GetSystemTimeAsFileTime

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6aa25ea85eafa7e50d9517a07aeecf1b

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 48KB - Virtual size: 1.2MB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 48KB - Virtual size: 1.2MB