PDB path: C:\work\msi\trunk\_MsiBuildSystem\bin\SfxMaker\stub.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-22_b7b2b2aa90e411fdeac989de73d038d5_bkransomware.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-22_b7b2b2aa90e411fdeac989de73d038d5_bkransomware.exe
  Resource: win10v2004-20240226-en
General
Target: 2024-05-22_b7b2b2aa90e411fdeac989de73d038d5_bkransomware
Size: 4.8MB
MD5: b7b2b2aa90e411fdeac989de73d038d5
SHA1: d52804d896485201bb132178fb5d2fb712a04bbe
SHA256: d5e9aad7826ad911acf6aeaa43fe242f602cc03301614d37bd090f37c8632953
SHA512: abde9d518b28009dd4c96cde1f191aa52f5162fdaeebe3d18e1dcb8b929490272c078e718867bef6ded32a1005c6a30a4330e30100b1af79a10e9df592531470
SSDEEP: 98304:Npa+NEEwiPs1G9eQTbq0YPX/vQrpBI0wM3RNKB7Z1Nf5TozHit:vaJl4fmX+fKFNRTao
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  Processes: resource 2024-05-22_b7b2b2aa90e411fdeac989de73d038d5_bkransomware
Files
2024-05-22_b7b2b2aa90e411fdeac989de73d038d5_bkransomware.exe (windows:5 windows x86 arch:x86)
  45779d68bf9ce2755142ee05c0b2a5e2
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
EncodePointer
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
GetFileSizeEx
GetFileTime
FlushFileBuffers
GetVolumeInformationW
LockFile
UnlockFile
DuplicateHandle
GetThreadLocale
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentThread
lstrcmpA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalFlags
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
SetErrorMode
GetTickCount
RtlUnwind
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
SetStdHandle
GetFileType
HeapQueryInformation
GetSystemInfo
VirtualProtect
VirtualQuery
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
OutputDebugStringA
GetACP
MulDiv
GetVersion
lstrlenA
EnumResourceNamesW
CreateProcessW
GetCurrentProcess
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
GetDriveTypeW
GetCommandLineW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
SetLastError
MapViewOfFileEx
GetFileAttributesExW
FindResourceExW
GetModuleHandleW
CreateFileMappingW
UnmapViewOfFile
GetCurrentProcessId
GetProcAddress
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
Sleep
GetExitCodeProcess
GetFileAttributesW
GetDiskFreeSpaceExW
GetUserDefaultLangID
GetUserDefaultUILanguage
FindResourceW
SizeofResource
LoadResource
LockResource
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
FileTimeToSystemTime
SetFilePointer
SetEndOfFile
ReadFile
WriteFile
GetFileSize
FormatMessageA
FindNextFileW
FindFirstFileW
GetLogicalDriveStringsW
FindClose
MoveFileW
DeleteFileW
SetFileAttributesW
CreateFileW
GetFullPathNameW
RemoveDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetSystemDirectoryW
lstrlenW
SetFileTime
FormatMessageW
LocalFree
FileTimeToLocalFileTime
DeleteCriticalSection
CreateEventW
CloseHandle
WaitForSingleObject
ResetEvent
SetEvent
InitializeCriticalSection
GetLastError
GetVersionExW
VirtualFree
VirtualAlloc
WideCharToMultiByte
CreateThread
MultiByteToWideChar
user32
RealChildWindowFromPoint
IntersectRect
LoadCursorW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
SetWindowContextHelpId
SetCursor
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
DestroyMenu
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
PostThreadMessageW
RegisterClipboardFormatW
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
GetFocus
ScreenToClient
OffsetRect
CharNextW
KillTimer
SetTimer
CopyRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetParent
SendDlgItemMessageA
SystemParametersInfoW
ReleaseDC
GetDC
GetWindowThreadProcessId
MsgWaitForMultipleObjects
PeekMessageW
FillRect
GetSysColor
GetClientRect
InvalidateRect
UnregisterClassW
MapDialogRect
DestroyIcon
GetWindowRect
SetForegroundWindow
ReplyMessage
RegisterWindowMessageW
LoadIconW
LoadImageW
GetSystemMetrics
PostMessageW
SendMessageW
EnableWindow
CharUpperW
SetMenu
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtTextOutW
TextOutW
MoveToEx
SetTextColor
CreateFontIndirectW
SetMapMode
SetBkColor
SelectObject
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreatePen
CreateBitmap
CreateSolidBrush
GetObjectW
GetDeviceCaps
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegCreateKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
ord165
comctl32
InitCommonControlsEx
shlwapi
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
ole32
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleFlushClipboard
OleUninitialize
CoRevokeClassObject
CoInitialize
CoCreateInstance
OleIsCurrentClipboard
CoRegisterMessageFilter
oleaut32
OleCreateFontIndirect
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
VariantInit
SysAllocString
VariantClear
VariantCopy
SysFreeString
SysAllocStringLen
oledlg
OleUIBusyW
oleacc
CreateStdAccessibleObject
LresultFromObject
Sections
.text   Size: 413KB - Virtual size: 413KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 133KB - Virtual size: 133KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   Size: 17KB - Virtual size: 42KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 438KB - Virtual size: 438KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc  Size: 31KB - Virtual size: 30KB     Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ