2024-04-29_d05cfb54464fc77d87d40404056f2a1f_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-29_d05cfb54464fc77d87d40404056f2a1f_bkransomware
Size

3.0MB
MD5

d05cfb54464fc77d87d40404056f2a1f
SHA1

5876e226327ec16faa0f510f05473c7de6f339ec
SHA256

c1bba67ac1a915f46f09a647d9fe4f9886817d0341ca437735373d32bc935fa5
SHA512

15f6efdea8aa6f58f60d6a2871abb4eea978e58af1c8cef074df09c986eb3b77e9708b663e0429ce868fe694ae061a2504952c069c12764cd90b9f04158ba6a7
SSDEEP

98304:Jb/dPUI6R9wvJC+nXNscAn2DhNsdXFWl7iplH1sO5vK38pRp:Jb/dPU9AHN7AC0rTH1sOjn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-29_d05cfb54464fc77d87d40404056f2a1f_bkransomware

Files

2024-04-29_d05cfb54464fc77d87d40404056f2a1f_bkransomware
.exe windows:5 windows x86 arch:x86

18cc20c87a826705ab457ea1b48fcbcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SanteSource_VC2013\Programs\Sante DICOMDIR Viewer\Release32\Sante DICOMDIR Viewer.pdb

Imports

kernel32

OutputDebugStringW
WriteConsoleW
LCMapStringW
SetEnvironmentVariableA
VirtualFree
UnregisterWaitEx
InitializeSListHead
ReleaseSemaphore
FreeLibraryAndExitThread
SetFilePointerEx
GetDriveTypeW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
CreateTimerQueue
QueryPerformanceFrequency
ReleaseMutex
ReadConsoleW
GetTimeZoneInformation
GetFullPathNameA
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetConsoleMode
GetConsoleCP
CreateSemaphoreW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetSystemTimeAsFileTime
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineW
FindResourceExW
VirtualProtect
Sleep
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFindAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
LoadLibraryW
GetModuleHandleA
FreeResource
OutputDebugStringA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
lstrcpyW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
WideCharToMultiByte
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
MultiByteToWideChar
DeleteFileW
CloseHandle
CreateMutexW
FindResourceW
LoadResource
LockResource
GetThreadTimes
SizeofResource

user32

RealChildWindowFromPoint
DeleteMenu
WaitMessage
LoadCursorW
GetSysColorBrush
GetIconInfo
DrawIconEx
CopyImage
LoadImageW
DestroyIcon
IsRectEmpty
OffsetRect
SetRectEmpty
WindowFromPoint
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetNextDlgGroupItem
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
InflateRect
DrawFocusRect
LoadMenuW
MapVirtualKeyW
GetKeyNameTextW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
UnhookWindowsHookEx
PtInRect
GetWindowRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetClassNameW
CharUpperW
SetLayeredWindowAttributes
EnumDisplayMonitors
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
FillRect
InvalidateRect
UpdateWindow
DrawStateW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
IntersectRect
TrackMouseEvent
IsZoomed
GetAsyncKeyState
SetWindowRgn
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
PeekMessageW
DispatchMessageW
MonitorFromPoint
OpenClipboard
CloseClipboard
CopyAcceleratorTableW
SetClipboardData
EmptyClipboard
DrawEdge
DrawFrameControl
LoadBitmapW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LockWindowUpdate
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
PostMessageW
PostQuitMessage
RegisterWindowMessageW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetParent
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetMessageW
TranslateMessage
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
GetComboBoxInfo
MapDialogRect
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
PostThreadMessageW
FrameRect
CopyIcon
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
SetClassLongW
SetParent
SetRect
SetCursorPos
CreateWindowExW
GetWindowRgn

gdi32

ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
Escape
GetTextMetricsW
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CombineRgn
SetRectRgn
DPtoLP
CreateRoundRectRgn
CreateDIBSection
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
GetRgnBox
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPixelV
GetTextFaceW
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
CreateDCW
CopyMetaFileW
DeleteDC
CreateBitmap
SetBitmapBits
GetTextExtentPoint32W
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder

comctl32

ImageList_AddMasked
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
StrFormatKBSizeW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantInit
SysAllocStringLen
SysAllocString
SysFreeString

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 463KB - Virtual size: 16.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18cc20c87a826705ab457ea1b48fcbcc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 414KB - Virtual size: 414KB

.data Size: 463KB - Virtual size: 16.5MB

.rsrc Size: 177KB - Virtual size: 177KB

.reloc Size: 139KB - Virtual size: 138KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 414KB - Virtual size: 414KB

.data
Size: 463KB - Virtual size: 16.5MB

.rsrc
Size: 177KB - Virtual size: 177KB

.reloc
Size: 139KB - Virtual size: 138KB