2024-05-03_a2304d1941496923d4b0ea5845808ea9_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-03_a2304d1941496923d4b0ea5845808ea9_bkransomware
Size

2.7MB
MD5

a2304d1941496923d4b0ea5845808ea9
SHA1

9052a2876fc31a334a1df81a5d88098a3409a249
SHA256

92cd33cdca4cac6958548a84368e6bb5706ad21f5ffa934ddd7edfbe1033fee4
SHA512

ece87ed7039c4c5e4803aa26d1adabb3e8916cd12a2674d765763b3edf4ab895e8e4c8cfba4b9dd20542b5e3d411e5690a4fcb5bbd9f37e793dd5457ea3d15e9
SSDEEP

49152:/awM+dQEn9o8BLAzjj6cPthutI0zykeTYTBzw+:CwME9TVcPoI0zykecT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-03_a2304d1941496923d4b0ea5845808ea9_bkransomware

Files

2024-05-03_a2304d1941496923d4b0ea5845808ea9_bkransomware
.exe windows:5 windows x86 arch:x86

274bacea78addc501fd4c217d44e284c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveInGetPosition
mciSendCommandA
mciGetErrorStringA
auxGetNumDevs
auxGetDevCapsA
mixerGetNumDevs
waveOutSetVolume
waveOutGetPosition
waveOutClose
waveOutUnprepareHeader
waveOutReset
midiOutClose
midiOutReset
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerClose
auxGetVolume
auxSetVolume
mixerSetControlDetails
timeGetTime

comctl32

ord6
ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

dsound

ord1

kernel32

InterlockedPushEntrySList
InitializeSListHead
InterlockedPopEntrySList
FormatMessageA
LocalFree
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
GlobalUnlock
GlobalFree
GetLocalTime
GlobalLock
WideCharToMultiByte
FindFirstFileA
FindClose
GetPrivateProfileIntA
GetDriveTypeA
GetModuleFileNameA
Sleep
FindNextFileA
CloseHandle
GlobalAlloc
GlobalReAlloc
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
MultiByteToWideChar
lstrcpyA
ExitThread
CreateThread
CreateDirectoryA
SetErrorMode
CompareFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetFileTime
SetFileTime
DeleteFileA
MoveFileA
GetFileAttributesA
SetFileAttributesA
GetFileSize
ReadFile
SetFilePointer
WriteFile
GetVersionExA
CreateProcessA
lstrlenA
TerminateThread
GetExitCodeThread
RaiseException
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
lstrcmpA
MulDiv
SetLastError
FindResourceA
LoadResource
InterlockedIncrement
InterlockedDecrement
SizeofResource
IsDBCSLeadByte
lstrcmpiA
GetModuleHandleA
LoadLibraryExA
GetCurrentDirectoryA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
EncodePointer
GetCommandLineA
HeapReAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
RtlUnwind
GetProcessHeap
GetModuleFileNameW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleCP
LoadLibraryExW
FlushFileBuffers
OutputDebugStringW
GetStringTypeW
LCMapStringW
WriteConsoleW
CreateFileW
SetEndOfFile
VirtualFree

user32

GetDC
ReleaseDC
GetSystemMetrics
SetWindowPos
IsIconic
ScreenToClient
GetActiveWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
AppendMenuA
CreatePopupMenu
TrackPopupMenu
DestroyMenu
GetMenu
EnableMenuItem
GetSubMenu
GetMenuItemCount
DeleteMenu
ModifyMenuA
GetClientRect
ClientToScreen
ClipCursor
GetClipCursor
LoadCursorA
GetCursor
SetCursor
CreateIconIndirect
SetCursorPos
SetWindowTextA
ShowWindow
MoveWindow
GetDlgItem
SendDlgItemMessageA
EnableWindow
EndDialog
DialogBoxParamA
GetMenuStringA
FillRect
GetSysColorBrush
wsprintfA
WaitForInputIdle
GetClassNameA
EnumWindows
GetWindowTextA
OpenClipboard
DestroyIcon
SetClipboardData
CloseClipboard
SetForegroundWindow
GetMenuItemRect
AdjustWindowRect
EnumDisplaySettingsA
ChangeDisplaySettingsA
UpdateWindow
LoadMenuA
SetMenu
ShowCursor
GetKeyState
SendIMEMessageExA
WINNLSEnableIME
SystemParametersInfoA
DrawMenuBar
SetTimer
DefWindowProcA
LoadIconA
RegisterClassExA
CharNextA
UnregisterClassA
GetWindowTextLengthA
InvalidateRgn
RedrawWindow
SetCapture
GetWindow
IsChild
GetParent
IsWindow
GetClassInfoExA
GetSysColor
DestroyAcceleratorTable
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
RegisterWindowMessageA
SetClassLongA
IsDialogMessageA
WaitMessage
PostQuitMessage
SetDlgItemInt
GetDlgItemInt
CreateDialogParamA
KillTimer
InvertRect
LoadImageA
PostMessageA
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
GetWindowRect
GetCursorPos
GetWindowLongA
SetWindowLongA
CreateWindowExA
CallWindowProcA
GetFocus
SendMessageA
SetFocus
GetAsyncKeyState
GetDlgCtrlID
EndPaint
BeginPaint
InvalidateRect
EmptyClipboard
MessageBoxA

gdi32

SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject
AddFontResourceExA
CreateDIBitmap
CreateBitmap
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
DeleteDC
CreateFontA
GetTextMetricsA
GetGlyphOutlineA
GetDeviceCaps
EnumFontFamiliesExA
TextOutA
SetBkMode
SetStretchBltMode
GetStockObject
CreateCompatibleBitmap
GetObjectA
SetDIBitsToDevice
StretchDIBits

advapi32

RegCreateKeyExA
RegQueryInfoKeyW
GetUserNameA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
RegSetValueExA

shell32

DragQueryFileA
SHGetSpecialFolderPathA
ShellExecuteExA
DragFinish

ole32

OleLockRunning
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoUninitialize
OleUninitialize
CLSIDFromString
OleInitialize

oleaut32

VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 26.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bind
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

274bacea78addc501fd4c217d44e284c

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

version

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 79KB - Virtual size: 26.8MB

.rsrc Size: 89KB - Virtual size: 89KB

.reloc Size: 212KB - Virtual size: 211KB

.bind Size: 125KB - Virtual size: 125KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 79KB - Virtual size: 26.8MB

.rsrc
Size: 89KB - Virtual size: 89KB

.reloc
Size: 212KB - Virtual size: 211KB

.bind
Size: 125KB - Virtual size: 125KB