2024-04-28_f5f0c809204777d3474e9bd4a4e92c86_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-28_f5f0c809204777d3474e9bd4a4e92c86_bkransomware
Size

390KB
MD5

f5f0c809204777d3474e9bd4a4e92c86
SHA1

0537957fb576bc0afd9c20fd65dea8d3a0c24141
SHA256

9c9b4d21461dd528ba1bad7effd28e2150c5cf8ed6fb37ad191f33c692d41897
SHA512

71f3f2688c74a525c70189a0c139ea4bb2961c7a814326aaa1fdb71d7df9d244beb64674daae9ab3825bc9108e936df6ca1e123027bc408e65c87c4d31d85cb1
SSDEEP

6144:QvFjqEWSpmM73KosFG4X1QfVwHzmVV1gQCCpW7EqGf+xYwzXdm0:UFjqEWSNrKoWsfVomVVWQCCs7E1fVum

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-28_f5f0c809204777d3474e9bd4a4e92c86_bkransomware

Files

2024-04-28_f5f0c809204777d3474e9bd4a4e92c86_bkransomware
.exe windows:5 windows x86 arch:x86

7df3bf1cb85b6135e3e98d66a67b3d49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

dinput8

DirectInput8Create

winmm

timeGetTime
mmioClose
mmioWrite
mmioSeek
mmioGetInfo
mmioSetInfo
mmioAdvance
mmioDescend
mmioAscend
mmioCreateChunk
mmioOpenA

wsock32

send
recv
listen
inet_addr
socket
htons
htonl
connect
closesocket
bind
accept
gethostbyname
gethostname
WSAStartup
WSACleanup
__WSAFDIsSet
select
setsockopt

kernel32

HeapReAlloc
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
HeapSize
GetProcessHeap
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetCurrentThreadId
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
GetProcAddress
LoadLibraryA
GetCommandLineA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
FreeLibrary
GetCurrentProcess
TerminateThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
Sleep
GetFileInformationByHandle
FindClose
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpyA
OpenMutexA
GetTempPathA
CreateFileA
SetFileAttributesA
DeleteFileA
FindFirstFileA
FindNextFileA
SetPriorityClass
GetVersionExA
ExpandEnvironmentStringsA
GetModuleFileNameW
WriteFile
GetStdHandle
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResumeThread
ExitThread
CreateThread
ReadFile
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
RaiseException
IsProcessorFeaturePresent
IsDebuggerPresent
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetLastError
DecodePointer
EncodePointer
LCMapStringW
SetEndOfFile
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleW
CreateFileW
CreateMutexA

user32

SetScrollPos
SetWindowTextA
SetWindowTextW
GetWindowTextA
GetParent
LoadCursorA
LoadIconA
SetScrollInfo
GetScrollInfo
WinHelpA
UpdateWindow
CreatePopupMenu
GetMenu
LoadAcceleratorsA
EnableWindow
KillTimer
GetKeyState
GetFocus
GetActiveWindow
SetFocus
SendDlgItemMessageA
IsDlgButtonChecked
CheckRadioButton
SetMenuItemInfoA
InsertMenuItemA
DeleteMenu
AppendMenuW
AppendMenuA
GetSubMenu
GetMenuItemID
TranslateMessage
DispatchMessageA
CheckDlgButton
GetDlgItemTextA
SetDlgItemTextW
SetDlgItemTextA
GetDlgItemInt
SetDlgItemInt
GetDlgItem
EndDialog
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CloseWindow
ShowWindow
DestroyWindow
CreateWindowExA
RegisterClassA
CallWindowProcA
PostQuitMessage
DefWindowProcA
PostMessageA
SendMessageW
wsprintfA
GetSystemMetrics
SetWindowLongA
GetWindowLongA
ClientToScreen
ShowCursor
MessageBoxW
MessageBoxA
GetWindowRect
GetClientRect
DrawMenuBar
SetWindowPos
SendMessageA
TranslateAcceleratorA
PeekMessageA
SetTimer

gdi32

TextOutA
SetTextColor
SetBkMode
GetStockObject
SetBkColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetPathFromIDListA
ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA
SHBrowseForFolderA

ole32

CoTaskMemFree

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7df3bf1cb85b6135e3e98d66a67b3d49

Headers

DLL Characteristics

File Characteristics

Imports

dsound

dinput8

winmm

wsock32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 271KB - Virtual size: 270KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 19KB - Virtual size: 209KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 271KB - Virtual size: 270KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 19KB - Virtual size: 209KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 20KB - Virtual size: 19KB