1c5a02a9cb21e8d47d099b2af3521e590f5949a19351cf12d36e7ac80131e17f

Sharing

Copy URL Twitter E-mail

General

Target

1c5a02a9cb21e8d47d099b2af3521e590f5949a19351cf12d36e7ac80131e17f
Size

899KB
MD5

d435ed8e98082002fecb99b7855f6a8d
SHA1

eff3a0508f4469f06a2beea0f39ac8c095ea183c
SHA256

1c5a02a9cb21e8d47d099b2af3521e590f5949a19351cf12d36e7ac80131e17f
SHA512

503d62dd11e75190ca79f2bb3a85ca8a2defa2d11f265d560cc056f9f38f7fd832589644ef3d5313d7fcfd33e0b47c780dca08e9bb99a62c0ccf93ce8dd8272f
SSDEEP

12288:upi1cuKhY3/xO/hy2GOz9w5LifsBGHFPJvmOSpqSsF6mtC8PIs40Yg45:leuT3/uUOpw5hBpOQqSsF6mtPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c5a02a9cb21e8d47d099b2af3521e590f5949a19351cf12d36e7ac80131e17f

Files

1c5a02a9cb21e8d47d099b2af3521e590f5949a19351cf12d36e7ac80131e17f
.exe windows:5 windows x86 arch:x86

c4d61a796e69c73fa7161733c95c8962

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\src\BgInfo\Release\Bginfo.pdb

Imports

wsock32

WSAStartup

comctl32

CreateToolbarEx
ord17

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

snmpapi

SnmpSvcGetUptime
SnmpUtilOidCpy
SnmpUtilOidNCmp

kernel32

SetEvent
SuspendThread
CreateEventA
InterlockedExchange
LoadLibraryExA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentProcessId
GetCPInfo
GetOEMCP
GetAtomNameA
GetThreadLocale
GetModuleHandleW
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
lstrlenW
GetProcessHeap
HeapFree
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
CompareStringW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
LocalFileTimeToFileTime
GetFileType
SetHandleCount
GetTimeZoneInformation
GetStdHandle
LCMapStringW
LCMapStringA
HeapDestroy
SetFilePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
VirtualQuery
VirtualProtect
GetCommandLineA
SetEnvironmentVariableA
DeleteFileA
GetFileAttributesA
FreeLibrary
GetEnvironmentStrings
GetCommandLineW
GetModuleHandleA
GetFullPathNameA
ExitProcess
GetModuleFileNameA
WaitForMultipleObjects
GetExitCodeProcess
TerminateProcess
OpenProcess
GetVersionExA
WideCharToMultiByte
CreateDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GetComputerNameA
LoadLibraryA
GetProcAddress
GlobalMemoryStatus
FileTimeToLocalFileTime
FileTimeToSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
SystemTimeToFileTime
GetLogicalDriveStringsA
GetDriveTypeA
SetErrorMode
GetVolumeInformationA
GetDiskFreeSpaceA
FindFirstFileA
FindClose
GetFileSize
ReadFile
GetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
GetWindowsDirectoryA
FindResourceA
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsA
GetSystemInfo
GetCurrentThread
SetThreadAffinityMask
Sleep
GetCurrentProcess
GetProcessAffinityMask
GetLocalTime
CreateFileA
GetLastError
WriteFile
SetEndOfFile
CloseHandle
InterlockedDecrement
FormatMessageA
lstrlenA
LocalAlloc
GetSystemDirectoryA
LocalFree
InterlockedIncrement
MoveFileA
GetStringTypeExA
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetShortPathNameA
GetFileAttributesExA
FreeEnvironmentStringsA
HeapCreate
FatalAppExitA
IsDebuggerPresent
IsValidCodePage
GetACP
CreateThread
ExitThread
HeapSize
GetStartupInfoA
VirtualAlloc
VirtualFree
RaiseException
HeapAlloc
HeapReAlloc
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalFlags
lstrcmpA
GetModuleFileNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
CopyFileA
RtlUnwind
GetSystemDirectoryW
LoadLibraryW
GetFileTime
GetFileSizeEx
SetFileAttributesA
SetFileTime
GlobalSize
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpW
SetLastError
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA

user32

FillRect
SubtractRect
InflateRect
GetSysColor
SystemParametersInfoA
DrawEdge
DrawIconEx
SetCapture
RegisterClipboardFormatA
EnableMenuItem
CheckMenuItem
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
RegisterClassExA
SetWindowPlacement
IntersectRect
LoadAcceleratorsA
GetMessageA
GetActiveWindow
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowPlacement
DestroyWindow
GetMenu
GetMenuItemInfoA
SetMenuItemInfoA
GetWindow
GetSystemMetrics
GetDlgCtrlID
CopyRect
SetScrollInfo
GetScrollInfo
EqualRect
RegisterClassA
GetClassInfoA
GetClassInfoExA
GetMenuItemCount
GetMenuItemID
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
TrackPopupMenuEx
ScrollWindow
PeekMessageA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
IsWindow
GetFocus
RemovePropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetCapture
IsChild
WinHelpA
SendDlgItemMessageA
RegisterWindowMessageA
GetMenuState
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
RemoveMenu
InsertMenuA
AppendMenuA
GetMenuStringA
GetDlgItemInt
SetDlgItemInt
IsWindowEnabled
ScrollWindowEx
DestroyMenu
ClientToScreen
SetSysColors
ValidateRect
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
GetWindowThreadProcessId
SetRectEmpty
UnregisterClassA
ShowOwnedPopups
DeleteMenu
DestroyIcon
CharUpperA
BringWindowToTop
CreatePopupMenu
InsertMenuItemA
ReleaseCapture
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
SetRect
WindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
IsRectEmpty
GetSystemMenu
SetParent
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDCEx
LockWindowUpdate
GetDialogBaseUnits
SetTimer
LoadStringA
IsIconic
CheckMenuRadioItem
CreateDialogParamA
GetWindowTextLengthA
KillTimer
GetWindowTextA
IsZoomed
PtInRect
DrawFrameControl
DefWindowProcA
IsWindowVisible
GetCursorPos
LoadMenuA
GetSubMenu
SetMenuDefaultItem
SetForegroundWindow
TrackPopupMenu
AdjustWindowRectEx
SetWindowPos
UpdateWindow
ShowWindow
EnableWindow
CheckRadioButton
BeginPaint
EndPaint
DialogBoxParamA
GetDlgItemTextA
IsDlgButtonChecked
CheckDlgButton
LoadIconA
PostMessageA
ChildWindowFromPoint
SetFocus
MoveWindow
CreateWindowExA
FrameRect
MapWindowPoints
CallWindowProcA
SetDlgItemTextA
MessageBoxA
PostQuitMessage
SetWindowLongA
SetPropA
GetPropA
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
GetClientRect
UnionRect
GetParent
GetClassNameA
GetWindowLongA
InvalidateRect
DeferWindowPos
GetWindowRect
ScreenToClient
DialogBoxIndirectParamA
GetDlgItem
OffsetRect
GetSysColorBrush
GetUserObjectInformationA
GetProcessWindowStation
EndDialog
LoadCursorA
LoadImageA
GetDC
ReleaseDC
GetDesktopWindow
PostThreadMessageA
SendMessageA
SetWindowTextA
DrawTextA
SetCursor

gdi32

PatBlt
CreateFontA
ExtTextOutA
DPtoLP
CreateBitmap
GetMapMode
SetBkColor
EnumFontsA
CreateHalftonePalette
GetDIBColorTable
UpdateColors
SetTextColor
GetStockObject
CreateFontIndirectA
GetPixel
StartDocA
StartPage
EndPage
EndDoc
CreatePen
MoveToEx
LineTo
SetPixel
CreatePalette
GetPaletteEntries
SetDIBColorTable
UnrealizeObject
SelectPalette
RealizePalette
CreateSolidBrush
SetStretchBltMode
SetBrushOrgEx
StretchBlt
BitBlt
SetBkMode
DeleteDC
GetSystemPaletteEntries
GetNearestColor
GdiFlush
GetObjectA
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
CreateDIBSection
GetDeviceCaps
GetDCOrgEx
GetClipBox
CopyMetaFileA
CreateDCA
GetTextExtentPoint32A
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SetMapMode
GetTextMetricsA
GetBkColor
CombineRgn
SetRectRgn
CreateRectRgnIndirect
StretchDIBits
GetCharWidthA
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipPath

comdlg32

GetOpenFileNameA
ChooseColorA
PrintDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegSetValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
DeleteService
QueryServiceStatus
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
ImpersonateLoggedOnUser
CreateProcessAsUserA
RevertToSelf
RegOpenKeyA
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
FreeSid
RegDeleteValueA
RegSetValueExA
GetUserNameA
RegEnumKeyExA
RegQueryValueA

shell32

DragQueryFileA
SHChangeNotify
Shell_NotifyIconA
ShellExecuteA
SHAppBarMessage
ExtractIconA
SHGetFileInfoA
DragFinish

ole32

CLSIDFromString
CoInitializeEx
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoDisconnectObject
StringFromGUID2
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoUninitialize
OleRun
CoCreateInstance
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
OleRegGetUserType

oleaut32

CreateErrorInfo
SetErrorInfo
LoadRegTypeLi
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
SysAllocString
SysStringLen
OleLoadPicture
SystemTimeToVariantTime
VariantClear
VariantInit
VariantCopy
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
RegisterTypeLi
GetErrorInfo

shlwapi

PathRemoveExtensionA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

Sections

.text
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c4d61a796e69c73fa7161733c95c8962

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wsock32

comctl32

version

snmpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

oleacc

winspool.drv

Sections

.text Size: 525KB - Virtual size: 524KB

.rdata Size: 137KB - Virtual size: 137KB

.data Size: 13KB - Virtual size: 47KB

.rsrc Size: 216KB - Virtual size: 216KB

.text
Size: 525KB - Virtual size: 524KB

.rdata
Size: 137KB - Virtual size: 137KB

.data
Size: 13KB - Virtual size: 47KB

.rsrc
Size: 216KB - Virtual size: 216KB