??4SThreadParam@@QAEAAU0@ABU0@@Z
Static task: static1
General
Target: BGI.exe
Size: 1.2MB
MD5: 9f65d4fb774a11c4d801c2d893204ca8
SHA1: f338af923ba15d50aefcce64dd1d6e1175254677
SHA256: 04aaa14762067b6cfd5dd2854831634d1b335d14b80d32d14f1ce8f29fe9f558
SHA512: ad0f9d67d6364b04994f4eb98bd4c059c79789bcc0db001e8f60b69629876c6584695c3c74328fc46cf97544972244b5c578887287be43741d6d5b4a70b1e8aa
SSDEEP: 24576:WLikzSwz6aQ3+BxVX9wy8897uc6+Q3mVy5QL1c66a:+zSwz6a3xIQk38FhV6
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: BGI.exe
Files
BGI.exe.exe windows:5 windows x86 arch:x86
fbc667b203844584544f9c862096b4b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
d3d9
Direct3DCreate9
dinput8
DirectInput8Create
winmm
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
PlaySoundA
mciSendCommandA
timeGetTime
timeSetEvent
timeKillEvent
imm32
ImmGetDefaultIMEWnd
ImmAssociateContext
kernel32
LockResource
GetTickCount
SetErrorMode
SystemTimeToFileTime
VirtualFree
GetWindowsDirectoryA
GetDriveTypeA
GetVolumeInformationA
GetFileAttributesA
FileTimeToSystemTime
GetDevicePowerState
SetCurrentDirectoryA
FindFirstFileA
GetLogicalDriveStringsA
VirtualAlloc
GetTempFileNameA
FindClose
GetLocalTime
GetDiskFreeSpaceA
DeviceIoControl
GetModuleFileNameA
FindNextFileA
GetDiskFreeSpaceExA
DeleteFileA
GetModuleHandleA
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetUserDefaultLCID
GetCurrentThread
SetThreadAffinityMask
GetExitCodeProcess
CreateProcessA
ExitThread
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
OpenMutexA
MoveFileA
CreateThread
GetExitCodeThread
GlobalMemoryStatus
CopyFileA
GetComputerNameA
GlobalMemoryStatusEx
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
CreateMutexA
ReleaseMutex
GetCurrentProcess
OpenProcess
lstrlenA
LoadResource
GetCurrentDirectoryA
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForMultipleObjects
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
LoadLibraryA
GetCurrentThreadId
ResumeThread
DecodePointer
EncodePointer
HeapSize
ExitProcess
FreeLibrary
FindResourceA
HeapReAlloc
GetStdHandle
GetModuleFileNameW
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
HeapCreate
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
GetConsoleCP
GetConsoleMode
SwitchToThread
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
ReleaseSemaphore
CreateSemaphoreA
CreateWaitableTimerA
GetVersionExA
SetWaitableTimer
GetSystemTime
GetSystemInfo
ResetEvent
WaitForSingleObjectEx
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalAlloc
GlobalLock
GetFileTime
GetLastError
MultiByteToWideChar
ReadFile
WideCharToMultiByte
WriteFile
SetFileTime
SetFilePointer
GetFileSize
CreateFileA
CloseHandle
SetThreadPriority
CreateEventA
SetEvent
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
InitializeCriticalSection
GetProcAddress
GetCommandLineA
SizeofResource
MulDiv
GetThreadPriority
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
TerminateThread
HeapAlloc
user32
GetMessageA
PostQuitMessage
MsgWaitForMultipleObjects
TranslateMessage
GetWindowLongA
PeekMessageA
DispatchMessageA
SystemParametersInfoA
GetWindowThreadProcessId
GetShellWindow
SwapMouseButton
ShowCursor
GetCursorInfo
SetCursorPos
SetForegroundWindow
RegisterHotKey
UnregisterHotKey
EnableMenuItem
GetForegroundWindow
SetActiveWindow
GetSystemMenu
SetCursor
KillTimer
SetTimer
GetUserObjectSecurity
BringWindowToTop
FindWindowA
IsIconic
GetKeyboardState
CloseWindow
IsDlgButtonChecked
EnableWindow
WaitForInputIdle
EnumDisplayMonitors
GetCursorPos
RegisterClassExA
LoadImageA
LoadCursorA
wsprintfA
DestroyWindow
GetClientRect
GetMonitorInfoA
InvalidateRect
SetWindowPos
GetSystemMetrics
UpdateWindow
FillRect
MonitorFromWindow
CreateDialogParamA
SendDlgItemMessageA
SetFocus
GetWindowTextLengthA
GetWindowTextA
SetWindowLongA
GetDlgItem
EndDialog
CallWindowProcA
GetDlgCtrlID
GetDlgItemTextA
DialogBoxParamA
SetDlgItemTextA
SetRect
MessageBoxA
IsWindow
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
EndPaint
GetWindowRect
SendMessageA
BeginPaint
GetAsyncKeyState
CreateWindowExA
DefWindowProcA
RedrawWindow
ShowWindow
PostMessageA
SetWindowTextA
MoveWindow
GetDC
ReleaseDC
PostThreadMessageA
GetQueueStatus
RegisterWindowMessageA
LoadIconA
gdi32
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceA
SetBrushOrgEx
TextOutA
TextOutW
GetObjectA
GetTextMetricsA
CreateCompatibleDC
EnumFontFamiliesExA
SelectObject
DeleteObject
CreateFontA
CreateDIBSection
DeleteDC
GetOutlineTextMetricsA
GetGlyphOutlineA
SelectPalette
SetBkMode
CreatePalette
SetTextColor
StretchDIBits
CreateRectRgnIndirect
SetStretchBltMode
AddFontResourceA
SelectClipRgn
GetStockObject
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
OpenProcessToken
RegOpenKeyExA
RevertToSelf
AdjustTokenPrivileges
IsValidSid
GetSecurityDescriptorOwner
ImpersonateLoggedOnUser
DuplicateTokenEx
LookupPrivilegeValueA
LookupAccountSidA
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
shell32
ShellExecuteA
SHBrowseForFolderA
SHGetFolderPathA
DragFinish
DragAcceptFiles
DragQueryFileA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHChangeNotify
ole32
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
OleDraw
CoUninitialize
CoCreateInstance
wininet
InternetOpenA
InternetCloseHandle
InternetSetFilePointer
InternetAttemptConnect
InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
gdiplus
GdiplusShutdown
GdipGetImageHeight
GdipCreateBitmapFromGdiDib
GdipGetImagePixelFormat
GdipFree
GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromFile
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipGetImageEncoders
GdipSaveImageToFile
GdipBitmapLockBits
dsound
ord11
Exports
Sections
.text Size: 899KB - Virtual size: 900KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 126KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 444KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 55KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 48KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ