Static task
static1
Behavioral task
behavioral1
Sample
2024-05-22_60bf40367d622d12be708ee3426d93a9_bkransomware_ramnit.exe
Resource
win7-20240221-en
General
Target: 2024-05-22_60bf40367d622d12be708ee3426d93a9_bkransomware_ramnit
Size: 4.2MB
MD5: 60bf40367d622d12be708ee3426d93a9
SHA1: 48abbd69ef51b3972849fcfca7c7dab2a2536a9a
SHA256: decb322ded7dfdd664776f2101144e5b4a0c6e8380291eef417d05b4047618bd
SHA512: 600b100fff084f61470c9c117ca9edce878a1c399622bfa8f10507930a054fb19fb9b973f4fd97d4a12c2e0e798e4bcd95afa4e177dd2d5bb1849b39c9e244c0
SSDEEP: 98304:59yCjpvdvsiB/f5H8rSfnFQMaz3SOVAAGZlokIq24HGYG3JbhzLrKpZ/MA4Iaz/a:5/jlSbz3SOVAAGZlokIq24HGYG3JbhzZ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-22_60bf40367d622d12be708ee3426d93a9_bkransomware_ramnit
Files
2024-05-22_60bf40367d622d12be708ee3426d93a9_bkransomware_ramnit.exe windows:5 windows x86 arch:x86
2cc477f9e5bd3d42100277c79f8c629a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
quartz
AMGetErrorTextW
msdmo
DMOEnum
MoFreeMediaType
DMOUnregister
kernel32
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
LocalFileTimeToFileTime
SetErrorMode
GetCurrentDirectoryW
GetWindowsDirectoryW
GetProfileIntW
VirtualProtect
FindResourceExW
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
VirtualQuery
SetStdHandle
GetFileType
RtlUnwind
ExitThread
ExitProcess
GetModuleHandleExW
HeapQueryInformation
TlsSetValue
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
LCMapStringW
ReadConsoleW
WriteConsoleW
GetDriveTypeW
SetEnvironmentVariableA
CompareStringW
LocalReAlloc
InterlockedPushEntrySList
TlsGetValue
TlsAlloc
GlobalFlags
FindNextFileW
GlobalGetAtomNameW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ReplaceFileW
SetFileTime
GetFileTime
CompareStringA
ResumeThread
lstrcmpA
VerifyVersionInfoW
VerSetConditionMask
GetThreadLocale
GetStringTypeExW
MoveFileW
lstrcmpiW
GetVolumeInformationW
GetShortPathNameW
FindFirstFileW
FindClose
CopyFileW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GetModuleHandleA
FreeResource
SetThreadPriority
GetCurrentThread
GetThreadPriority
InterlockedExchange
VirtualFree
VirtualAlloc
ReleaseSemaphore
WaitForMultipleObjects
SetEvent
DuplicateHandle
CreateEventW
ResetEvent
LoadLibraryExA
GlobalReAlloc
GetTempFileNameW
GetExitCodeProcess
GetVersion
GlobalHandle
SearchPathW
lstrcatW
GetLocaleInfoW
DecodePointer
IsWow64Process
OpenProcess
CreateThread
FreeConsole
GetStdHandle
AllocConsole
lstrcmpW
GlobalLock
GlobalUnlock
FlushInstructionCache
GetCurrentThreadId
RaiseException
InterlockedDecrement
InterlockedIncrement
lstrcpyW
lstrlenW
GetFileSizeEx
SetFilePointerEx
QueryPerformanceFrequency
GetLocalTime
SetLastError
SetDllDirectoryW
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
VirtualQueryEx
GlobalFree
GlobalSize
GlobalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleW
GetModuleFileNameW
lstrcpynW
MulDiv
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
DeleteFileW
CloseHandle
GetVersionExA
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
EnterCriticalSection
LockFileEx
HeapSize
GetProcAddress
GetLastError
GetTempPathW
FlushFileBuffers
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
LeaveCriticalSection
HeapDestroy
GetVersionExW
FormatMessageW
Sleep
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
InterlockedCompareExchange
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
LocalAlloc
TlsFree
InitializeSListHead
InterlockedPopEntrySList
GetStartupInfoW
user32
ToUnicodeEx
GetIconInfo
GetSystemMenu
GetAsyncKeyState
DrawIconEx
DrawFrameControl
DrawEdge
DrawStateW
CopyImage
RealChildWindowFromPoint
NotifyWinEvent
UnionRect
DestroyCursor
ShowOwnedPopups
ReuseDDElParam
UnpackDDElParam
LoadImageW
DestroyIcon
InsertMenuItemW
BringWindowToTop
LoadAcceleratorsW
SetWindowContextHelpId
RegisterClipboardFormatW
PostQuitMessage
IsIconic
DestroyMenu
DrawIcon
GetMessageW
WindowFromPoint
SetRectEmpty
GetSysColorBrush
SetLayeredWindowAttributes
InflateRect
SetWindowRgn
CharUpperW
SendDlgItemMessageA
RemoveMenu
AppendMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
ShowWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetKeyboardLayout
ScrollWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
MapVirtualKeyW
GetKeyNameTextW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
PostThreadMessageW
GetQueueStatus
PeekMessageW
MsgWaitForMultipleObjects
TrackMouseEvent
MapWindowPoints
DispatchMessageW
TranslateMessage
DrawFocusRect
ValidateRect
ShowCursor
SetCursor
MessageBoxW
CreateDialogParamW
SetForegroundWindow
LoadIconW
MapDialogRect
LoadMenuW
EnableMenuItem
SetMenuItemInfoW
EnableWindow
SendMessageW
GetWindowRect
GetClientRect
CopyRect
LoadBitmapW
GetSystemMetrics
TranslateAcceleratorW
GetActiveWindow
GetMenuItemInfoW
MonitorFromWindow
PostMessageW
SetActiveWindow
EnumDisplayMonitors
SystemParametersInfoW
IsWindowVisible
MonitorFromRect
EqualRect
GetMonitorInfoW
MonitorFromPoint
UpdateWindow
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
BeginPaint
GetKeyboardState
CopyAcceleratorTableW
SetCursorPos
SetParent
LockWindowUpdate
SetClassLongW
GetNextDlgGroupItem
GetTabbedTextExtentW
CreateMenu
EnableScrollBar
HideCaret
InvertRect
IsClipboardFormatAvailable
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
EndPaint
IsChild
GetFocus
SetFocus
GetWindow
GetDlgItem
GetClassNameW
GetSysColor
CharNextW
IsMenu
CharUpperBuffW
UpdateLayeredWindow
GetWindowRgn
GetComboBoxInfo
WaitMessage
SubtractRect
GetUpdateRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
FrameRect
SetScrollPos
SetWindowPos
RedrawWindow
IsWindow
InvalidateRect
GetCursorPos
SetRect
SetTimer
KillTimer
GetKeyState
MessageBeep
PtInRect
OffsetRect
CreatePopupMenu
ClientToScreen
InsertMenuW
ModifyMenuW
GetMenuItemCount
SetCapture
ReleaseCapture
IntersectRect
IsRectEmpty
GetDC
ReleaseDC
IsZoomed
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSubMenu
DeleteMenu
GetMenuItemID
UnregisterClassW
RegisterClassExW
LoadCursorW
DefWindowProcW
SetWindowLongW
GetWindowLongW
DestroyAcceleratorTable
GetDesktopWindow
CallWindowProcW
InvalidateRgn
FillRect
MoveWindow
ScreenToClient
GetParent
CreateAcceleratorTableW
DestroyWindow
CreateWindowExW
GetClassInfoExW
GetMenuDefaultItem
gdi32
CreateRoundRectRgn
CreateDIBitmap
CreateFontIndirectW
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
CreateEllipticRgn
Ellipse
DPtoLP
LPtoDP
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetViewportOrgEx
GetCharWidthW
StretchDIBits
GetBkColor
GetTextColor
CombineRgn
GetMapMode
SetRectRgn
RealizePalette
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polyline
CreateDCW
GetRgnBox
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
OffsetRgn
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
SetPixelV
SetStretchBltMode
SetROP2
SetPolyFillMode
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
StartDocW
SetTextAlign
CreateCompatibleDC
EnumFontFamiliesExW
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetTextColor
SetBkColor
CreateRectRgnIndirect
CreateDIBSection
CreateSolidBrush
SelectObject
GetStockObject
GetObjectW
DeleteObject
CreateBitmap
BitBlt
PatBlt
CreateCompatibleBitmap
SetPixel
GetPixel
Rectangle
Polygon
GetTextExtentPoint32W
GetDeviceCaps
DeleteDC
CreateFontW
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
GetJobW
advapi32
CheckTokenMembership
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
RegSetValueW
FreeSid
RegCloseKey
AllocateAndInitializeSid
RegEnumKeyW
RegDeleteKeyW
RegOverridePredefKey
RegCreateKeyW
RegDeleteValueW
shell32
SHChangeNotify
DragAcceptFiles
DragQueryPoint
DragQueryFileW
DragFinish
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteExW
SHAddToRecentDocs
SHGetFileInfoW
ExtractIconW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteW
comctl32
ImageList_AddMasked
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragLeave
InitCommonControlsEx
ImageList_EndDrag
shlwapi
PathFindExtensionW
PathCanonicalizeW
PathFileExistsW
PathIsRelativeW
PathRemoveFileSpecW
SHDeleteKeyW
PathRemoveExtensionW
PathRenameExtensionW
PathStripPathW
SHRegGetPathW
StrToInt64ExW
StrToIntExW
SHCreateStreamOnFileW
PathIsUNCW
PathStripToRootW
SHStrDupW
StrFormatKBSizeW
PathAddExtensionW
PathFindFileNameW
psapi
GetModuleFileNameExW
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
IsAppThemed
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
ole32
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
MkParseDisplayName
CreateBindCtx
CreateStreamOnHGlobal
CreateItemMoniker
GetRunningObjectTable
StringFromCLSID
CLSIDFromString
CoTaskMemFree
CoGetMalloc
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
CoLoadLibrary
CoTaskMemAlloc
OleUninitialize
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
OleInitialize
CoInitializeEx
CoRegisterClassObject
CoInitialize
CoFreeUnusedLibraries
CoUninitialize
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoRevokeClassObject
CoDisconnectObject
PropVariantClear
CoCreateGuid
CoCreateInstance
oleaut32
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VarBstrCmp
VariantChangeType
SystemTimeToVariantTime
VariantTimeToSystemTime
SysFreeString
VariantCopy
LoadTypeLibEx
VarBstrFromDate
oledlg
OleUIBusyW
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusShutdown
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipSaveImageToFile
xmllite
CreateXmlReader
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
ws2_32
gethostbyname
inet_ntoa
gethostname
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
timeKillEvent
timeBeginPeriod
timeEndPeriod
PlaySoundW
timeSetEvent
timeGetTime
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 846KB - Virtual size: 846KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 271KB - Virtual size: 271KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 224KB - Virtual size: 223KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE