Taoist
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BScope.Backdoor.Attack.16183.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.BScope.Backdoor.Attack.16183.dll
Resource
win10v2004-20231222-en
General
Target
SecuriteInfo.com.BScope.Backdoor.Attack.16183.3307
Size
66KB
MD5
f95dd05c988d7e2f9671e69d0b019d20
SHA1
bd34ea45cf08013b35e22fbf05918101af42c49d
SHA256
69d37af76495d54a2c090cef9db4039f45598e1015e0b4f7c251e003041205f2
SHA512
d951d9c1318b466d0fcadb4d90edecf33fc18c5dbe3c81ec4b2a57b78fa5d8ad439d0a54f61fa07702db8d3fd52c4522c3c33625d459f876da10fde6ee8c6107
SSDEEP
768:RJ0a2GS8TYXGvZAneK1oOIlXRmrv9X0BvfSr/iB99JbuxccttQHjc:s78TYXNqOAM0Bv06Artkc
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.BScope.Backdoor.Attack.16183.3307
Files
SecuriteInfo.com.BScope.Backdoor.Attack.16183.3307.dll windows:4 windows x86 arch:x86
241f606165613c2702e3f92a5546832e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateThread
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
Sleep
CloseHandle
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetProcAddress
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
LoadLibraryA
SetFilePointer
InterlockedDecrement
InterlockedIncrement
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
user32
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
SetWindowTextA
FindWindowA
Exports
Sections
.text Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ