C:\Users\test\Desktop\SVN\AUPS-D10-D20\trunk\AP\Windows\32-bits\AUPSV2\AUPSV2\Release\AUPSV2.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-17_8718d3006de5bb3ba27ece48707a51be_bkransomware_metamorfo.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-05-17_8718d3006de5bb3ba27ece48707a51be_bkransomware_metamorfo.exe
Resource: win10v2004-20240508-en
General
- Target: 2024-05-17_8718d3006de5bb3ba27ece48707a51be_bkransomware_metamorfo
- Size: 4.0MB
- MD5: 8718d3006de5bb3ba27ece48707a51be
- SHA1: b0e9ecfa2214c66a33034926b11ab37a671d6e33
- SHA256: 5edd290b75d5363b87f0e24e870be638d112ca180d03ef574b933d1537373c61
- SHA512: c765956506550507f37382d30b17ffeee962657fdac14db60a7b9633cdd895d4fa5533aba816847e72e617d9a6b1886c4a6f1d46d339b7794085c93e8c075b63
- SSDEEP: 98304:CmAxK0Z2AYjuNrUrt+2fqnTr6RC5IPXrWkBnFLOAkGkzdnEVomFHKnP:CmgK0AISVgIPXrW2FLOyomFHKnP
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 2024-05-17_8718d3006de5bb3ba27ece48707a51be_bkransomware_metamorfo
Files
-
2024-05-17_8718d3006de5bb3ba27ece48707a51be_bkransomware_metamorfo.exe windows:6 windows x86 arch:x86
a59c724d9e898e74d4ee9816d534e929
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetVersion
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
ReadConsoleInputA
SetConsoleMode
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
PeekNamedPipe
GetOEMCP
GetCPInfo
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
SetEnvironmentVariableA
WriteConsoleW
OutputDebugStringW
GetConsoleCP
GetStringTypeW
SetConsoleCtrlHandler
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ExitThread
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
GetUserDefaultLCID
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
VirtualProtect
GetTempPathW
GetTempFileNameW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
GetFileSize
GetFileAttributesW
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
lstrcpyW
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
WideCharToMultiByte
WinExec
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
SizeofResource
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
WaitForSingleObject
CreateThread
Sleep
OutputDebugStringA
MultiByteToWideChar
SetCurrentDirectoryW
GetModuleFileNameW
CloseHandle
GetLastError
CreateMutexW
FindResourceW
LoadResource
LockResource
GetDateFormatW
user32
CopyAcceleratorTableW
CharNextW
KillTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
WaitMessage
LoadCursorW
SendDlgItemMessageA
LoadMenuW
IntersectRect
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
IsDialogMessageW
SetWindowTextW
GetDlgCtrlID
InvalidateRgn
CheckDlgButton
MoveWindow
ShowWindow
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
GetClassNameW
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
EnableScrollBar
GetDoubleClickTime
GetIconInfo
SetActiveWindow
GetActiveWindow
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
ScreenToClient
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
TabbedTextOutW
GetNextDlgGroupItem
MessageBeep
SetLayeredWindowAttributes
SetRectEmpty
EnumDisplayMonitors
SetParent
MonitorFromPoint
LockWindowUpdate
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
TrackMouseEvent
GrayStringW
DrawTextExW
IsZoomed
CharUpperW
GetAsyncKeyState
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
IsMenu
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
UpdateLayeredWindow
GetKeyNameTextW
MapVirtualKeyW
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
SetTimer
GetWindowLongW
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
SetWindowLongW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
PtInRect
InvalidateRect
GetParent
ReuseDDElParam
CopyRect
InflateRect
RedrawWindow
GetWindowRect
GetCursorPos
FillRect
IsWindowVisible
RegisterClipboardFormatW
ToUnicodeEx
SetCapture
ClientToScreen
ReleaseCapture
MapWindowPoints
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SubtractRect
GetDesktopWindow
PostMessageW
GetDC
SetRect
UnregisterClassW
CreatePopupMenu
SetForegroundWindow
MessageBoxW
UpdateWindow
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
GetFocus
DrawStateW
SetWindowRgn
GetSysColor
GetSysColorBrush
DrawFocusRect
OffsetRect
IsRectEmpty
DrawIconEx
IsWindowEnabled
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetWindowRgn
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetNextDlgTabItem
GetComboBoxInfo
DrawTextW
gdi32
CreateRectRgnIndirect
Ellipse
GetBkColor
GetTextColor
PatBlt
ExtTextOutW
CreatePolygonRgn
Polyline
GetTextMetricsW
CreateBitmap
CreatePatternBrush
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
CombineRgn
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateRectRgn
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
OffsetRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetDeviceCaps
CreateDCW
CopyMetaFileW
RoundRect
DeleteDC
CreatePen
CreateSolidBrush
Polygon
GetTextExtentPoint32W
CreateFontW
CreateFontIndirectW
GetObjectW
SelectObject
Rectangle
BitBlt
OffsetViewportOrgEx
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
CreateEllipticRgn
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegisterEventSourceA
DeregisterEventSource
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ReportEventA
shell32
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetFileInfoW
Shell_NotifyIconW
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
DrawThemeText
IsAppThemed
GetCurrentThemeName
GetThemeColor
ole32
CoTaskMemAlloc
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SafeArrayDestroy
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromFileICM
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
ws2_32
shutdown
WSASetLastError
send
recv
inet_ntoa
getpeername
__WSAFDIsSet
select
WSAGetLastError
connect
ioctlsocket
closesocket
gethostbyname
inet_addr
getservbyname
htons
socket
gethostname
WSACleanup
WSAStartup
ieiaups_dll
IEIAUPS_REMOTE_Initial
IEIAUPS_GetNetworkDevice
IEIAUPS_REMOTE_UnInitial
IEIAUPS_SetNetPowerOff
IEIAUPS_SetNetPowerOn
IEIAUPS_SetNetShutdowm
IEIAUPS_Initial
IEIAUPS_OpenDevice
IEIAUPS_UnInitial
IEIAUPS_GetLIBVersion
IEIAUPS_GetMCUFirmwareVersion
IEIAUPS_GetAUPSStatus
IEIAUPS_ClearSoftShutdown
IEIAUPS_GetBatteryTemperature
IEIAUPS_GetBatteryVoltage
IEIAUPS_GetBatteryCurrent
IEIAUPS_GetBatteryCharge
IEIAUPS_GetBatteryRunTimeToEmpty
IEIAUPS_GetBatteryStatus
IEIAUPS_GetBatteryChemistry
IEIAUPS_SetLANEnable
IEIAUPS_SetBuzzerEnable
IEIAUPS_SetDCOutputEnable
IEIAUPS_SetDCOutputMode
IEIAUPS_SetHDCPEnable
IEIAUPS_SetHostName
IEIAUPS_SetDCOutputOffDelayTime
IEIAUPS_SetDCOutputDelayOff
IEIAUPS_SetIPAddress
IEIAUPS_SetSubnetMASK
IEIAUPS_SetGateway
IEIAUPS_SetPrimaryDNS
IEIAUPS_SetSecondaryDNS
IEIAUPS_SetProtecedName
IEIAUPS_SetProtecedPassword
IEIAUPS_GetHostName
IEIAUPS_GetDCOutputOffDelayTime
IEIAUPS_GetMACAddress
IEIAUPS_GetIPAddress
IEIAUPS_GetSecondaryDNS
IEIAUPS_GetPrimaryDNS
IEIAUPS_GetGateway
IEIAUPS_GetSubnetMASK
IEIAUPS_InitializeNetwork
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 501KB - Virtual size: 501KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ