37e04d9f173650c12ab5cbdfd932516d

Sharing

Copy URL Twitter E-mail

General

Target

37e04d9f173650c12ab5cbdfd932516d
Size

699KB
MD5

37e04d9f173650c12ab5cbdfd932516d
SHA1

b78bc024ef038c2a119bea594633a18cd50751b2
SHA256

61d010f6f67982bd9159508759c36b13ffb09fbe55393943c7aa0749697feccc
SHA512

120e726addec82c6313af2500e1c57501e54057a8606c051b3b5dfaf8ff593558455b0c1f9fc5d564a86fca69494d2dab2e42ce6129a00f34bb08fad9ae6d062
SSDEEP

12288:WCh4qe39Y0YucKXUMxsKtBUvfCI/kw3KNhd56qFz1uQQ4cYM:WCh4qe3q0YudxsKIvfzDkd56sJuQLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BBsee1.3/BBsee.exe
unpack001/BBsee1.3/BBseeSock.dll
unpack001/BBsee1.3/Plug_in/Real/RealMediaSplitter.ax
unpack001/BBsee1.3/UPNP.dll
unpack001/BBsee1.3/libcurl.dll

Files

37e04d9f173650c12ab5cbdfd932516d
.rar
BBsee1.3/BBsee.exe
.exe windows:4 windows x86 arch:x86

4c88e216ebaabee78db2d296ca430b33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libcurl

curl_easy_getinfo
curl_easy_init
curl_easy_setopt
curl_easy_cleanup
curl_easy_perform

bbseesock

GetTorrentByPos
GetNextPos
CleanUp
SetWndHandle
SetMaxDownload
SetMaxDLSpeed
SetMaxULSpeed
GetPendingNum
GetHeadPos
IsPending
GetDLSpeed
IsDownloading
DelDownload
AddDownload
GetDownloadingNum
IsFinished
GetPosByTorrent
InitDownloader

iphlpapi

GetAdaptersInfo

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
WaitForSingleObject
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
ReleaseMutex
CreateMutexA
lstrcmpA
GetCurrentProcessId
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
CloseHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
FormatMessageA
LocalFree
MulDiv
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetLocalTime
CreateFileA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
CopyFileA
GetProcAddress
SetLastError
GetSystemDirectoryA
ExpandEnvironmentStringsA
SetCurrentDirectoryA
TerminateThread
GetExitCodeThread
Sleep
FindClose
FindNextFileA
FindFirstFileA
InitializeCriticalSection
GetCurrentDirectoryA
LockResource
FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LoadResource
FindResourceA
CreateThread
GetLastError
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
GetVersion
CompareStringW
CompareStringA
lstrlenA
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA

user32

InvalidateRgn
GetNextDlgGroupItem
TranslateAcceleratorA
SetMenu
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
PostThreadMessageA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
GetWindowThreadProcessId
WindowFromPoint
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
InflateRect
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuStringA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
CopyAcceleratorTableA
GetLastActivePopup
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
GetScrollPos
ShowScrollBar
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetWindow
GetKeyState
ClientToScreen
CopyIcon
ReleaseCapture
SetCapture
DrawStateA
ModifyMenuA
InsertMenuA
GetDC
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
LoadMenuA
CreateMenu
CreatePopupMenu
ReleaseDC
GetSysColor
GetWindowDC
LoadCursorA
SetCursor
DestroyCursor
ScreenToClient
CopyRect
GetFocus
GetWindowLongA
PtInRect
GetCursorPos
IsZoomed
LoadIconA
MessageBeep
UnregisterClassA
GetSysColorBrush
SetRectEmpty
KillTimer
FillRect
LoadImageA
DestroyMenu
GetMenuItemInfoA
CharNextA
DrawIcon
GetForegroundWindow
IsRectEmpty
SetScrollPos
SetRect
SetTimer
GetDesktopWindow
SetWindowRgn
SetWindowPos
GetSystemMetrics
SystemParametersInfoA
SetForegroundWindow
FindWindowA
EnableMenuItem
IsWindowVisible
IsWindow
GetDlgCtrlID
PostMessageA
SendMessageA
GetWindowRect
InvalidateRect
GetParent
GetClientRect
CharUpperA
EnableWindow
MessageBoxA
IsChild

gdi32

TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
RectVisible
CreatePatternBrush
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
GetRgnBox
MoveToEx
LineTo
SetMapMode
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
CreateRectRgn
RoundRect
Rectangle
CreatePen
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
SetStretchBltMode
SetROP2
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
SetPixel
GetTextExtentPoint32A
GetTextColor
GetStockObject
StretchBlt
CreateRoundRectRgn
DeleteObject

comdlg32

GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegQueryValueExA

shell32

DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
DragQueryFileA
ShellExecuteA

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
OleLoadPicture
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData

ws2_32

ioctlsocket
connect
WSAGetLastError
recv
send
closesocket
inet_addr
htons
socket
gethostname
gethostbyname
inet_ntoa
__WSAFDIsSet
getsockopt
select
WSAStartup

Sections

.text
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BBsee1.3/BBseeSock.dll
.dll windows:4 windows x86 arch:x86

af46c3b11421b54385c3e10496150f63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

closesocket
listen
__WSAFDIsSet
socket
gethostname
inet_addr
gethostbyname
getsockopt
ioctlsocket
select
connect
recv
send
ntohl
htonl
inet_ntoa
WSAGetLastError
htons
ntohs
bind
accept

upnp

LNat_Upnp_Discover
LNat_Upnp_Can_Use_ThisPort
LNat_Upnp_Set_Port_Mapping
LNat_Upnp_Get_Port_Mapping
LNat_Upnp_Controller_Free
LNat_Upnp_Get_Public_Ip
LNat_Upnp_Remove_Port_Mapping

kernel32

GetCurrentProcess
CompareStringA
GetLocaleInfoW
SetEndOfFile
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
VirtualFree
SystemTimeToFileTime
GetSystemTime
InitializeCriticalSection
TerminateThread
Sleep
LeaveCriticalSection
GetCurrentDirectoryW
EnterCriticalSection
GetExitCodeThread
DeleteCriticalSection
CloseHandle
CreateThread
GetLocalTime
HeapCreate
HeapDestroy
SetStdHandle
FlushFileBuffers
CreateFileA
ExitProcess
HeapSize
SetFilePointer
FreeLibrary
InterlockedExchange
GetLastError
GetProcAddress
LoadLibraryA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
CreateDirectoryA
SetEnvironmentVariableA
GetCurrentDirectoryA
GetFullPathNameA
HeapFree
TerminateProcess
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RaiseException
RtlUnwind
MultiByteToWideChar
ReadFile

user32

PostMessageA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysStringLen
SysAllocString

Exports

Exports

AddDownload
CleanUp
DelDownload
GetDLSpeed
GetDownloadNum
GetDownloadingNum
GetHeadPos
GetNextPos
GetPendNum
GetPendingNum
GetPosByTorrent
GetProgress
GetTorrentByPos
GetULSpeed
InitDownloader
IsDownloading
IsFinished
IsPending
SetMaxDLSpeed
SetMaxDownload
SetMaxULSpeed
SetWndHandle

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BBsee1.3/ChannelInfo.xml
.xml
BBsee1.3/Configure.xml
.xml
BBsee1.3/Data/BBsee.swf
BBsee1.3/FileInfo.xml
.xml
BBsee1.3/Plug_in/Real/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

f79bf9ac2177d3d25eeed41ffd8b9782

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameW
LocalAlloc
GlobalAddAtomW
WritePrivateProfileStringW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GetModuleHandleA
GlobalFlags
CompareStringW
GetVersionExA
LoadLibraryA
GlobalFindAtomW
HeapFree
RtlUnwind
HeapAlloc
GetCommandLineA
GetProcessHeap
SetFilePointer
ExitProcess
SetStdHandle
GetFileType
VirtualQuery
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
WriteFile
ReadFile
GetThreadLocale
GetFileTime
GetFileSize
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
SetLastError
DeleteFileW
Sleep
RaiseException
GetModuleFileNameW
GetVersion
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindClose
DisableThreadLibraryCalls
CreateThread
GetVersionExW
GetTickCount
GetCurrentThread
SetThreadPriority
InterlockedExchange
GetModuleHandleW
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
ResetEvent
SetEvent
CreateEventW
CloseHandle
lstrcpynW
InterlockedDecrement
InterlockedIncrement
lstrcmpW
GetLastError
lstrlenA
lstrlenW
GetModuleFileNameA
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
HeapReAlloc

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
UnregisterClassA
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
UnregisterClassW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
CharUpperW
GetSystemMetrics
DestroyMenu
ShowWindow
SetWindowLongW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
UnhookWindowsHookEx
PostMessageW
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetRect
DispatchMessageW
RegisterWindowMessageW
PeekMessageW
GetSysColorBrush

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
RestoreDC
SetViewportExtEx
PtVisible
SaveDC
OffsetViewportOrgEx
CreateBitmap
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
SetBkColor
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
RectVisible

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathIsUNCW
PathFindExtensionW
PathStripToRootW
PathRemoveFileSpecA
PathAddBackslashA
PathFindFileNameW

ole32

StringFromGUID2
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString

oleaut32

VariantInit
VariantChangeType
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BBsee1.3/Skins/ItemDefault.jpg
.jpg
BBsee1.3/Skins/Logo.ico
BBsee1.3/Skins/banner.bmp
BBsee1.3/Skins/btn_del2.bmp
BBsee1.3/Skins/btn_down.bmp
BBsee1.3/Skins/btn_down2.bmp
BBsee1.3/Skins/btn_downstatus.bmp
BBsee1.3/Skins/btn_more2.bmp
BBsee1.3/Skins/btn_myprogram.bmp
BBsee1.3/Skins/btn_newprogram.bmp
BBsee1.3/Skins/btn_play.bmp
BBsee1.3/Skins/btn_reserve2.bmp
BBsee1.3/Skins/btn_showsub.bmp
BBsee1.3/Skins/btn_stop.bmp
BBsee1.3/Skins/btn_stop2.bmp
BBsee1.3/Skins/btn_sub.bmp
BBsee1.3/Skins/btn_sub_browser.bmp
BBsee1.3/Skins/btn_sub_cancel.bmp
BBsee1.3/Skins/btn_sub_close.bmp
BBsee1.3/Skins/btn_sub_ok.bmp
BBsee1.3/Skins/btn_sub_play.bmp
BBsee1.3/Skins/btn_sub_set.bmp
BBsee1.3/Skins/btn_sub_sub.bmp
BBsee1.3/Skins/list_status.bmp
BBsee1.3/Skins/menu_disable.bmp
BBsee1.3/Skins/menu_normal.bmp
BBsee1.3/Skins/menu_selected.bmp
BBsee1.3/Skins/progress.bmp
BBsee1.3/Skins/sys_close.bmp
BBsee1.3/Skins/sys_max.bmp
BBsee1.3/Skins/sys_menu.bmp
BBsee1.3/Skins/sys_min.bmp
BBsee1.3/Skins/sys_restore.bmp
BBsee1.3/Skins/sys_web.bmp
BBsee1.3/Skins/tree_addsub.bmp
BBsee1.3/Skins/tree_check.bmp
BBsee1.3/Skins/tree_dot.bmp
BBsee1.3/UPNP.dll
.dll windows:4 windows x86 arch:x86

37b7f75e513bd0689917ff31e7f5371e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ioctlsocket
connect
WSAStartup
WSACleanup
socket
closesocket
inet_ntoa
recvfrom
select
htons
getsockname
sendto
recv
__WSAFDIsSet
gethostbyname
send

kernel32

InterlockedIncrement
CreateFileA
ReadFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
SetFilePointer
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

Exports

Exports

LNat_Print_Error
LNat_Upnp_Can_Use_ThisPort
LNat_Upnp_Controller_Free
LNat_Upnp_Discover
LNat_Upnp_Get_Port_Mapping
LNat_Upnp_Get_Public_Ip
LNat_Upnp_Remove_Port_Mapping
LNat_Upnp_Set_Port_Mapping

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BBsee1.3/libcurl.dll
.dll windows:4 windows x86 arch:x86

6d8f19661e5500f3e4eaaf245e71de4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
select
__WSAFDIsSet
connect
getprotobyname
setsockopt
getsockopt
inet_ntoa
recv
inet_addr
htons
WSASetLastError
gethostbyname
WSAGetLastError
send
WSAStartup
WSACleanup
ioctlsocket
socket
bind
ntohs
listen
getsockname
accept
closesocket

winmm

timeGetTime

msvcr71

_stricmp
_close
strchr
_strtoi64
strrchr
atoi
sscanf
time
fclose
fgets
fopen
_iob
strncmp
fputs
fseek
fread
_read
isspace
memchr
_errno
strstr
strtol
isxdigit
_stati64
rand
srand
gmtime
strtoul
free
malloc
strncpy
_strnicmp
isalnum
mktime
isalpha
getenv
_beginthreadex
sprintf
fputc
fwrite
memmove
toupper
tolower
_lseeki64
_fstati64
calloc
realloc
strerror
_sys_nerr
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
_open
_strdup
isdigit
fflush

kernel32

ReadFile
FreeLibrary
LoadLibraryA
GetProcAddress
PeekNamedPipe
WaitForMultipleObjects
DisableThreadLibraryCalls
Sleep
FormatMessageA
SleepEx
GetTickCount
TerminateThread
GetExitCodeThread
SetLastError
CreateMutexA
CreateEventA
SetEvent
ReleaseMutex
WaitForSingleObject
GetCurrentProcess
DuplicateHandle
CloseHandle
ExpandEnvironmentStringsA
GetLastError
GetStdHandle
GetFileType

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_reset
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BBsee1.3/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

4c88e216ebaabee78db2d296ca430b33

Headers

File Characteristics

Imports

libcurl

bbseesock

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 456KB - Virtual size: 454KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 36KB - Virtual size: 33KB

af46c3b11421b54385c3e10496150f63

Headers

File Characteristics

Imports

ws2_32

upnp

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 14KB

.reloc Size: 12KB - Virtual size: 11KB

f79bf9ac2177d3d25eeed41ffd8b9782

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 262KB

_TEXT64 Size: 4KB - Virtual size: 1KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 28KB - Virtual size: 42KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 40KB - Virtual size: 37KB

37b7f75e513bd0689917ff31e7f5371e

Headers

File Characteristics

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 20KB - Virtual size: 16KB

.text
Size: 456KB - Virtual size: 454KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 36KB - Virtual size: 33KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 14KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 264KB - Virtual size: 262KB

_TEXT64
Size: 4KB - Virtual size: 1KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 28KB - Virtual size: 42KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 40KB - Virtual size: 37KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 364B

.rsrc
Size: 4KB - Virtual size: 992B

.reloc
Size: 8KB - Virtual size: 5KB