Gridinsoft Logo

The broscfg.dll (bcfgs) File Analysis

Updated 1 day ago
Checked by Malware Check
broscfg.dll

Technical Analysis

File Name broscfg.dll
File Type
Win32 DLL
Magic Bytes PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
SSDEEP Hash
49152:BGfyniAk+z6UrkxKTd1dcFzzh1NRWATaC4ePscl7LbOw:B6ys++7wdS5TamU2u
Scanner Version 1.0.218.174
Database Version 2025-06-23 13:00:28 UTC

Suspicious File Detected

Detected by 11 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
15%
Detection Rate
2,328,576
File Size (bytes)
11/71
Engines Detected
2025-06-23
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
1e471e8652e78be6d031c20ba14addf5
SHA1
90d911f83655558b8700904766619929d3c9087a
SHA256
861e1a70b125dc7e4b7993a3132793e525e5b9ddc5aa5b490e83b22003f90b1d
SHA512
c348f19644012d13e818b8617e00e7eecaa803728a7e1cda3408fc58d1440db5f39ee7be234cedbbd564bdb12f84a5cda4a90982421b6f3dfb3512b0e09a0945
ImpHash
14b79141bf3b128468c90727de40002a

Security Engines with Detections (11 of 71)

Elastic
malicious (moderate confidence) Malicious
Skyhigh
BehavesLike.Win32.Generic.vc Malicious
Cylance
Unsafe Malicious
CrowdStrike
win/malicious_confidence_60% (W) Malicious
Cynet
Malicious (score: 100) Malicious
Webroot
W32.Malware.gen Malicious
McAfee
Artemis!1E471E8652E7 Malicious
Rising
Trojan.HiJack!8.1159F (CLOUD) Malicious
huorong
Trojan/HiJack.ol Malicious
Fortinet
W32/PossibleThreat Malicious
DeepInstinct
MALICIOUS Malicious
60 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

Image Base 0x10000000
Entry Point 0x100edebb
Compilation Time 2024-12-21 15:40:42
Checksum 0x00000000 (Actual: 0x0023e96a)
OS Version 5.1
PEiD Signatures PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
PDB Path E:\Data\Sysceo\AD\缓存C++\Browser_noime_enew\DLL_Release\broscfg.pdb
Digital Signature No valid SignedData structure was found.
Imports 7 libraries
KERNEL32, USER32, ADVAPI32, SHELL32, ole32, SHLWAPI, NETAPI32
Exports 1 functions
Resources 17 Resources
Sections 7 Sections

Version Information

CompanyName bcfgs
FileDescription bcfgs
FileVersion 2.0.0.60
InternalName bcfgs
LegalCopyright Copyright (C) 2022
OriginalFilename bcfgs
ProductName bcfgs
ProductVersion 2.0.0.60
Translation 0x0804 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 1,146,191 bytes 1,146,368 bytes 6.71 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 09096C860AF5D70FC4282247366BA791
.rdata 0x00119000 248,186 bytes 248,320 bytes 6.45 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ E2E6F728A6C71C50CBB1736B3886EA9A
.data 0x00156000 30,612 bytes 12,800 bytes 4.67 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE FBA770DB6A88D8D03E04F0389D84307A
.gfids 0x0015e000 900 bytes 1,024 bytes 3.58 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 85D680E4F0C04C873FAE187B18919BDB
.tls 0x0015f000 9 bytes 512 bytes 0.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1F354D76203061BFDD5A53DAE48D5435
.rsrc 0x00160000 879,128 bytes 879,616 bytes 7.68 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ D0D8934378DCE6A8FB45AA4C69EDEF81
.reloc 0x00237000 38,872 bytes 38,912 bytes 6.61 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ 8302CEFEBB7C76C5A1FB47CAA8F3DAC9
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 17 (878,145 bytes)
Resource Type Count Total Size Percentage
DATA 15 877,113 bytes
99.9%
RT_VERSION 1 640 bytes
0.1%
RT_MANIFEST 1 392 bytes
0%

Certificate Chain Analysis

Certificate Information
Product bcfgs
Description bcfgs
File Version 2.0.0.60
Original Name bcfgs
Internal Name bcfgs
Copyright Copyright (C) 2022

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
11 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware