BMCRSMmgr[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

BMCRSMmgr.exe
Size

26KB
MD5

542a842aaaeceec1e3ee2c9bd806914b
SHA1

f4fa165a548c063db5f6da6be2d95b7018f0a8ff
SHA256

b270c85743f1ab343b0b86bd557440c78da29e03fd8e4f99ceb253bbe309b5e4
SHA512

33d0459324064499fe9f0e18b342fde8c6a41c3a96ae1c9187cea072339bc127d0fe229976811d7b12aa0a1831bd78c4ec1d8201f87e5b5f63ae28e79e9663b7
SSDEEP

768:yX+3RPEg4xlfRRRH4yVY+UQeDj504JsBXKtIkxOXVfmt:yu3RPERUQIG4JOatXOXVfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BMCRSMmgr.exe

Files

BMCRSMmgr.exe
.exe windows:4 windows x86 arch:x86

3ee1cacf804703971edf6ef8ff7fd527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\bpm\2.11.00\src\patsdk\target\native\prod\windows-2003-5.2-x86\exe\systrayui.pdb

Imports

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
?terminate@@YAXXZ
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
wcsncpy
_purecall
??3@YAXPAX@Z
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_cexit
_configthreadlocale
??_U@YAPAXI@Z
wcsstr
??_V@YAXPAX@Z
__CxxFrameHandler3
_swprintf
wprintf
wcsncmp
_vsnwprintf
_wassert

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
SetLastError
GetTickCount
GetCommandLineW
LocalFree
GetLastError

msvcp80

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

user32

SetTimer
ShowWindow
MoveWindow
GetCursorPos
GetWindowRect
SetWindowTextW
SetWindowLongW
CreateDialogParamW
PostQuitMessage
GetWindowLongW
SetForegroundWindow
GetDoubleClickTime
KillTimer
DefWindowProcW
CreateWindowExW
RegisterClassW
RegisterWindowMessageW
DestroyMenu
AppendMenuW
CreatePopupMenu
SendDlgItemMessageW
TrackPopupMenu
DestroyWindow
IsDialogMessageW
LoadIconW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
MessageBoxW

gdi32

GetStockObject

shell32

ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW

advapi32

OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
StartServiceW
QueryServiceStatus

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ee1cacf804703971edf6ef8ff7fd527

Headers

File Characteristics

PDB Paths

Imports

msvcr80

kernel32

msvcp80

user32

gdi32

shell32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB