Static task
static1
Behavioral task
behavioral1
Sample
2024-05-10_52458f653681244da539ebf662df4a90_bkransomware.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-05-10_52458f653681244da539ebf662df4a90_bkransomware.exe
Resource
win10v2004-20240426-en
General
Target
2024-05-10_52458f653681244da539ebf662df4a90_bkransomware
Size
2.9MB
MD5
52458f653681244da539ebf662df4a90
SHA1
f89b025b86b52645c0de6032bcde447440f803eb
SHA256
eafb5df71a824e6143f173f6f2360a77c08281238e29178508be5ad692b4ed8a
SHA512
2c49a58d55112883d646c8687ac53a243273e14792a36980afd5c919d3c6af982ecedfb6eba2f3c7456fff073ca6532d887b602ab6f800b7a67e3ad13fa4299a
SSDEEP
49152:gonJzUR4xRCsViUI8DMIBn35RqZi7i9dzdlV6ykiVnosGJVsEcNT:goJC4xRCsVbIlIBn35QIiLV6ykiZosb
Malware Config
Signatures
Files
2024-05-10_52458f653681244da539ebf662df4a90_bkransomware.exe windows:5 windows x86 arch:x86
ecb71382ea0a83029a767d42915576a3
Code Sign
95:56:7e:a6:bb:c4:e9:aa:6f:26:2a:4a:d4:c9:99:1a:86:d7:9b:1c
Signer
Actual PE Digest
95:56:7e:a6:bb:c4:e9:aa:6f:26:2a:4a:d4:c9:99:1a:86:d7:9b:1c
Digest Algorithm
sha1
PE Digest Matches
true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
yyxf_play
yyxf_D8
yyxf_D7
yyxf_D6
yyxf_D5
yyxf_D4
yyxf_D3
yyxf_D2
yyxf_C9
yyxf_C8
yyxf_C6
yyxf_C5
yyxf_C2
yyxf_B9
yyxf_D9
yyxf_B5
yyxf_B4
yyxf_B3
yyxf_B2
yyxf_B1
yyxf_A9
yyxf_A8
yyxf_A7
yyxf_A5
yyxf_A3
yyxf_A1
yyxf_E7
yyxf_C4
yyxf_B8
yyxf_E1
yyxf_C3
yyxf_G1
yyxf_F8
yyxf_B7
yyxf_E2
yyxf_E3
yyxf_E4
yyxf_E6
yyxf_E9
yyxf_F1
yyxf_G3
yyxf_G4
yyxf_G6
yyxf_G7
yyxf_G8
yyxf_G9
yyxf_H2
yyxf_H3
yyxf_H4
yyxf_H6
yyxf_F7
yyxf_G5
yyxf_C1
yyxf_E8
yyxf_G2
yyxf_F4
yyxf_H5
yyxf_F3
yyxf_F6
yyxf_B6
yyxf_A6
yyxf_A4
yyxf_F9
yyxf_H1
winmm
PlaySoundW
waveOutSetVolume
psapi
GetModuleFileNameExW
kernel32
InitializeCriticalSection
GlobalGetAtomNameW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GlobalFlags
CompareStringW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SetErrorMode
GetCurrentDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
VirtualProtect
FindResourceExW
GetCommandLineW
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
SetStdHandle
GetFileType
ExitProcess
GetCurrentThread
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
ResumeThread
ReleaseMutex
GetSystemTimeAsFileTime
CompareStringA
DecodePointer
LockResource
FreeLibrary
GetProcAddress
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadResource
SetThreadPriority
GetThreadLocale
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
EncodePointer
GetCurrentProcessId
SizeofResource
LoadLibraryW
FindResourceW
GetVersionExW
LoadLibraryA
GetCurrentThreadId
Sleep
WriteFile
GetModuleHandleA
OutputDebugStringA
lstrcmpA
CopyFileW
MulDiv
GlobalFree
GlobalSize
GetSystemDirectoryW
RemoveDirectoryW
SetLastError
GetLocaleInfoW
GetACP
lstrcpyW
SetCurrentDirectoryW
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
ExitThread
CreateThread
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
WaitForSingleObject
TerminateProcess
OpenProcess
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileW
FindClose
GetVolumeInformationW
GetDriveTypeW
GlobalAlloc
SetSystemPowerState
lstrcpynW
SetThreadExecutionState
GetCurrentProcess
GetFileSize
ReadFile
GetWindowsDirectoryW
CreateMutexW
lstrcmpiW
FormatMessageW
FileTimeToSystemTime
LeaveCriticalSection
EnterCriticalSection
LocalFree
GlobalMemoryStatus
lstrcatW
GlobalUnlock
GlobalLock
GetTickCount
GetStringTypeExW
WideCharToMultiByte
MultiByteToWideChar
WaitNamedPipeW
DeleteFileW
GetFileAttributesW
CreateFileW
CreateDirectoryW
GetModuleHandleW
GetModuleFileNameW
lstrlenW
SetNamedPipeHandleState
CloseHandle
GetModuleHandleExW
user32
UnpackDDElParam
ReuseDDElParam
GetDialogBaseUnits
GetSysColorBrush
RealChildWindowFromPoint
CopyImage
PostThreadMessageW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
SetParent
DrawFocusRect
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
LockWindowUpdate
EnumDisplayMonitors
DrawStateW
DrawFrameControl
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetClassLongW
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
DestroyCursor
DrawIcon
InsertMenuItemW
LoadAcceleratorsW
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
ShowOwnedPopups
PostQuitMessage
GetDesktopWindow
GetNextDlgTabItem
EndDialog
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
SendDlgItemMessageA
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
TranslateAcceleratorW
GetActiveWindow
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowTextW
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
DispatchMessageW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
MapVirtualKeyW
GetKeyNameTextW
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InsertMenuW
GetMenuState
GetMenuStringW
CharNextW
IntersectRect
ShowScrollBar
GetAncestor
WindowFromPoint
DestroyIcon
EmptyClipboard
SetClipboardData
GetWindowRgn
MoveWindow
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
LoadIconW
ChildWindowFromPoint
ClipCursor
ShowCursor
DeleteMenu
RemoveMenu
EnableMenuItem
GetFocus
IsMenu
ExitWindowsEx
PeekMessageW
RegisterWindowMessageW
SetLayeredWindowAttributes
LoadCursorW
SetCursor
DrawEdge
IsRectEmpty
ClientToScreen
RedrawWindow
KillTimer
SetTimer
InflateRect
ScreenToClient
InvalidateRect
TrackPopupMenuEx
ReleaseCapture
SetCapture
GetIconInfo
CreateIconIndirect
FindWindowW
SetForegroundWindow
UpdateWindow
BringWindowToTop
IsWindow
GetParent
EnableWindow
GetClipboardData
CloseClipboard
OpenClipboard
GetMonitorInfoW
SystemParametersInfoW
DrawIconEx
UnionRect
SetRect
SetWindowRgn
GetSystemMenu
GetSystemMetrics
GetAsyncKeyState
CharUpperW
IsZoomed
IsIconic
SetWindowPos
LoadImageW
GetWindow
AppendMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
LoadMenuW
CharLowerW
PostMessageW
SetRectEmpty
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetClassNameW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
CopyRect
GetCursorPos
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropW
GetPropW
SetPropW
ReleaseDC
GetDC
WindowFromDC
GetForegroundWindow
SetMenuItemInfoW
GetMenuItemInfoW
ModifyMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
IsWindowVisible
CallWindowProcW
SendMessageW
LoadBitmapW
GetSysColor
UnregisterClassW
SetCursorPos
CreateDialogIndirectParamW
gdi32
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetTextMetricsW
CreateEllipticRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetTextAlign
PtInRegion
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
PatBlt
GetMapMode
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
FrameRgn
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
CreateRectRgn
RoundRect
CreatePen
CreateBitmap
ExtTextOutW
StretchBlt
SetDIBits
GetDIBits
CreateRoundRectRgn
CreateRectRgnIndirect
CreateEllipticRgnIndirect
CombineRgn
RemoveFontResourceW
CreateSolidBrush
AddFontResourceW
GetTextExtentPoint32W
GetObjectW
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateFontW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
LookupPrivilegeValueW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteW
SHAddToRecentDocs
DragFinish
SHGetFileInfoW
SHChangeNotify
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW
DragQueryFileW
ExtractIconExW
ord680
comctl32
ImageList_AddMasked
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_DragShowNolock
_TrackMouseEvent
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
shlwapi
PathRemoveExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
uxtheme
GetWindowTheme
GetThemeSysColor
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
OpenThemeData
ole32
OleDuplicateData
CoInitialize
CoUninitialize
CoCreateGuid
CoRevokeClassObject
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoInitializeEx
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
CoFreeUnusedLibrariesEx
CoFreeUnusedLibraries
ReleaseStgMedium
oleaut32
VarBstrFromDate
VariantCopy
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SysAllocString
SysStringLen
LoadTypeLi
RegisterTypeLi
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
oledlg
OleUIBusyW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdiplusShutdown
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 459KB - Virtual size: 458KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 418KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ