BedrockFinderCpp[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

BedrockFinderCpp.rar
Size

1.2MB
MD5

af00b06ba21b2ede7a8dd747c48a5283
SHA1

c478385fa911f311ae34e95a28eb44075768d27b
SHA256

02bd83df4f9865a757ca50b329ed78c205cf78dd568445efd1afa9c66e0f1340
SHA512

7d5091c65477bc688ee22e9a4b3410df5f2df34bb2ddf9933f89dc0602a1d8c66e3b0fe4d78edd977060619a8cbab835bdefcaadea90c7572d18f0ca7b57a896
SSDEEP

24576:6pExa5b2kh+j7EH97OdvCs50Yc+jeQru0EMWyn9CN14bZ:6+ob2km7Ed7OdvCnB+jvurMWyEnw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BedrockFinderCpp.exe

Files

BedrockFinderCpp.rar
.rar
BedrockFinderCpp.exe
.exe windows:6 windows x64 arch:x64

c6bb520c4465b4430bfba7bfa2b6d057

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Chris\Desktop\stuff\BedrockFinderCpp\BedrockFinderCpp\x64\Release\BedrockFinderCpp.pdb

Imports

opencl

clCreateCommandQueue
clEnqueueNDRangeKernel
clEnqueueReadBuffer
clFinish
clReleaseEvent
clSetKernelArg
clReleaseKernel
clCreateKernel
clBuildProgram
clReleaseProgram
clCreateProgramWithSource
clReleaseMemObject
clCreateBuffer
clReleaseCommandQueue
clReleaseContext
clCreateContext
clReleaseDevice
clRetainDevice
clGetDeviceInfo
clGetDeviceIDs
clGetPlatformInfo
clGetPlatformIDs

msvcp140

?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrSwap@@YAXPEAX0@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z

comctl32

ImageList_Create
ord16
ImageList_Destroy
ImageList_GetImageCount
ImageList_Add
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Replace
ImageList_Draw
ImageList_SetBkColor
ord17

rpcrt4

RpcStringFreeW
UuidToStringW

uxtheme

SetWindowTheme
GetThemeBackgroundExtent
GetThemeSysColor
GetCurrentThemeName
GetThemeInt
GetThemePartSize
GetThemeFont
IsThemePartDefined
IsAppThemed
IsThemeActive
GetThemeMargins
GetThemeSysFont
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeBackgroundContentRect
IsThemeBackgroundPartiallyTransparent
GetThemeColor

vcruntime140

__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
memset
memmove
wcsstr
strchr
memcpy
_set_se_translator
wcschr
__RTtypeid
_purecall
__CxxFrameHandler3
__intrinsic_setjmp
strstr
memcmp
longjmp
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_beginthreadex
terminate
_invalid_parameter_noinfo_noreturn
_errno
_c_exit
abort

api-ms-win-crt-heap-l1-1-0

_set_new_mode
realloc
_callnewh
free
malloc
calloc

api-ms-win-crt-string-l1-1-0

tolower
iswalnum
strlen
strcmp
wcslen
iswalpha
iswdigit
iswspace
towupper
towlower
wcspbrk
_wcsicmp
_strdup
wcsncpy
strncmp
isspace
toupper
iswprint

api-ms-win-crt-utility-l1-1-0

bsearch
qsort
abs

api-ms-win-crt-convert-l1-1-0

wcstoul
_wtoi
atof
_wcstoui64
wcstol
strtol
_wcstod_l
_wcstoi64
_wtol
wcstod

api-ms-win-crt-math-l1-1-0

_fdopen
fmod
atan2
sqrt
sin
cos
pow
floor
__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_lseeki64
_wfopen
__stdio_common_vfprintf
_write
_read
fclose
__acrt_iob_func
feof
ferror
fread
__p__commode
_fseeki64
_set_fmode
__stdio_common_vswprintf
__stdio_common_vswprintf_p
_ftelli64
__stdio_common_vsscanf
_close
fflush
fwrite
_get_osfhandle
_fileno
__stdio_common_vswscanf
__stdio_common_vfwprintf
_telli64
_wsopen_dispatch
clearerr
_open_osfhandle

api-ms-win-crt-locale-l1-1-0

_create_locale
_free_locale
setlocale
_configthreadlocale

api-ms-win-crt-time-l1-1-0

_get_timezone
_mktime64
wcsftime
_time64
_tzset
_localtime64
_gmtime64

api-ms-win-crt-environment-l1-1-0

getenv
_wgetenv
_wgetcwd

api-ms-win-crt-filesystem-l1-1-0

_wremove
_wrename

msimg32

AlphaBlend
GradientFill

shlwapi

SHAutoComplete

kernel32

GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SetErrorMode
GetLastError
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
QueryPerformanceFrequency
GetDriveTypeW
GlobalSize
ExitProcess
IsProcessorFeaturePresent
TlsAlloc
TlsSetValue
TlsFree
OutputDebugStringW
GetEnvironmentVariableW
GetVersionExW
GetModuleFileNameW
GetLogicalDriveStringsW
LoadResource
LockResource
SizeofResource
FindResourceW
IsValidCodePage
GetCPInfo
CreateFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileTime
GetLongPathNameW
GetTempFileNameW
GetStartupInfoW
GlobalFree
SetUnhandledExceptionFilter
GetProcessHeap
HeapSize
GlobalLock
GlobalUnlock
GlobalAlloc
SetLastError
MulDiv
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
AttachConsole
FreeConsole
GetStdHandle
ExpandEnvironmentStringsW
IsBadStringPtrA
IsBadReadPtr
FindNextFileW
CopyFileW
GetFileType
SetCurrentDirectoryW
LoadLibraryW
GetProcAddress
FreeLibrary
WaitForMultipleObjects
CreateEventW
SetEvent
GetCommandLineW
GetUserDefaultLCID
GetLocaleInfoW
GetACP
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
GetTempPathW

user32

MonitorFromWindow
wsprintfW
IsClipboardFormatAvailable
GetDesktopWindow
EnumDisplayMonitors
GetMonitorInfoW
FindWindowExW
MonitorFromPoint
EnumDisplaySettingsW
ChangeDisplaySettingsExW
GetClipboardFormatNameW
RegisterClipboardFormatW
CheckMenuRadioItem
SetRect
GetSysColorBrush
GetMenuItemID
CheckMenuItem
DrawEdge
ChildWindowFromPoint
IsRectEmpty
UnionRect
ValidateRgn
EndPaint
BeginPaint
MessageBoxW
PostThreadMessageW
PostMessageW
RegisterClassW
CreateWindowExW
BringWindowToTop
PeekMessageW
SendMessageW
DefWindowProcW
UnregisterClassW
DestroyWindow
DispatchMessageW
MsgWaitForMultipleObjects
SetTimer
KillTimer
SetCursor
LoadCursorW
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetKeyState
GetProcessDefaultLayout
RegisterWindowMessageW
SetMenu
GetWindowRect
GetSystemMetrics
LoadBitmapW
LoadIconW
LoadImageW
GetIconInfo
GetDC
ReleaseDC
TranslateMessage
RegisterHotKey
UnregisterHotKey
GetMessagePos
GetMessageTime
PostQuitMessage
CallWindowProcW
IsWindow
ShowWindow
AnimateWindow
MoveWindow
SetWindowPos
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
SetFocus
GetActiveWindow
GetFocus
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
GetCapture
SetCapture
ReleaseCapture
EnableWindow
IsWindowEnabled
GetMenuItemCount
TrackPopupMenu
GetMenuItemInfoW
UpdateWindow
GetUpdateRgn
InvalidateRect
RedrawWindow
ScrollWindow
EnableScrollBar
SetWindowTextW
GetClientRect
SetCursorPos
GetCursorPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
ChildWindowFromPointEx
GetSysColor
FillRect
InflateRect
PtInRect
GetWindowLongW
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetParent
SetParent
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsDialogMessageW
SetScrollInfo
GetScrollInfo
SystemParametersInfoW
CreateDialogParamW
GetDlgItem
SetWindowRgn
GetWindowPlacement
SetLayeredWindowAttributes
FlashWindowEx
IsIconic
IsZoomed
CreateDialogIndirectParamW
GetDialogBaseUnits
DrawMenuBar
GetSystemMenu
EnableMenuItem
SetForegroundWindow
DrawTextW
DrawFocusRect
CreateIconIndirect
DrawStateW
SetRectEmpty
CopyRect
OffsetRect
GetComboBoxInfo
IsMenu
keybd_event
GetWindowTextLengthW
HideCaret
GetWindowTextW
MessageBeep
GetClassNameW
GetMessageW
ValidateRect
DrawFrameControl
DrawIconEx
CreateAcceleratorTableW
DestroyAcceleratorTable
TranslateAcceleratorW
GetDoubleClickTime
DestroyIcon
GetMenuState
CreateMenu
CreatePopupMenu
DestroyMenu
GetSubMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
SetMenuInfo
InsertMenuItemW
SetMenuItemInfoW
DestroyCursor
GetWindowDC

gdi32

MaskBlt
Pie
PolyPolygon
Rectangle
RoundRect
SelectClipRgn
SetGraphicsMode
SetMapMode
SetLayout
GetClipBox
GetBkColor
Ellipse
Arc
MoveToEx
LineTo
GetPixel
ExtFloodFill
CreateSolidBrush
CreatePen
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
GetLayout
SetPixel
SetPolyFillMode
StretchBlt
StretchDIBits
SetROP2
SetStretchBltMode
GetWorldTransform
SetWorldTransform
GetStockObject
ExtTextOutW
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
ExtCreatePen
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
CreateHatchBrush
CreatePatternBrush
CreateDIBitmap
GetDIBits
CreateDIBSection
GetDIBColorTable
CombineRgn
SetTextColor
SetBkMode
SetBkColor
OffsetRgn
GetRegionData
ExtCreateRegion
GdiFlush
SetBrushOrgEx
SelectPalette
RealizePalette
ExcludeClipRect
CreateRectRgn
GetTextMetricsW
SelectObject
ModifyWorldTransform
GetOutlineTextMetricsW
GetDeviceCaps
ExtSelectClipRgn
CreateFontIndirectW
GetObjectW
GetObjectType
EqualRgn
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileW
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
EndPage
StartPage
EndDoc
StartDocW
CreateDCW
SetAbortProc
GetSystemPaletteEntries
EnumFontFamiliesExW
CreateICW
GetTextExtentExPointW
GetCharABCWidthsW
CreateRectRgnIndirect
GetTextExtentPoint32W
RectInRegion
PtInRegion
GetRgnBox
DeleteObject

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comdlg32

PrintDlgW
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgW
GetSaveFileNameW
ChooseFontW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
GetUserNameW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW

shell32

CommandLineToArgvW
SHGetFolderPathW
ExtractIconW
ord6
SHGetFileInfoW
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
ExtractIconExW

ole32

OleGetClipboard
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemAlloc
OleFlushClipboard
CoTaskMemFree
OleUninitialize
OleInitialize
CoCreateInstance
OleIsCurrentClipboard
OleSetClipboard

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6bb520c4465b4430bfba7bfa2b6d057

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opencl

msvcp140

comctl32

rpcrt4

uxtheme

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

msimg32

shlwapi

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 126KB - Virtual size: 309KB

.pdata Size: 105KB - Virtual size: 104KB

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 69KB - Virtual size: 69KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 126KB - Virtual size: 309KB

.pdata
Size: 105KB - Virtual size: 104KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 69KB - Virtual size: 69KB