Static task: static1
Behavioral task: behavioral1
  Sample: 2024-05-23_d389009b7f5239e1c899a338867558b7_bkransomware_magniber.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2024-05-23_d389009b7f5239e1c899a338867558b7_bkransomware_magniber.exe
  Resource: win10v2004-20240508-en
General
Target: 2024-05-23_d389009b7f5239e1c899a338867558b7_bkransomware_magniber
Size: 8.0MB
MD5: d389009b7f5239e1c899a338867558b7
SHA1: bc4282b3dede675a44321608ea3611a24dcad3dd
SHA256: dbc0886a9396c2dca138bd43cfd13fad45f3f20e44d6382d4ae4ed0de2fd69f8
SHA512: 10511744b4a1a56b8173527dffe4939dc80392ff277c323fe2356791780debd2fcd71844784c8e28ccc0ce6d03837e7c0560782c835949956edb758898f58f73
SSDEEP: 98304:Y/V1w3rWEK8/NrVHKBJhulEj/bNXOomiYkQCQJO+3JAx0PLJUSeDE33UG:4VXEfNp4ulEjDNuitQNZOsdUSem3UG
Malware Config
Signatures
Detects executables packed with VMProtect (1 IoC)
  resource: sample
  yara_rule: INDICATOR_EXE_Packed_VMProtect
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: 2024-05-23_d389009b7f5239e1c899a338867558b7_bkransomware_magniber
Files
2024-05-23_d389009b7f5239e1c899a338867558b7_bkransomware_magniber.exe windows:5 windows x86 arch:x86
b911bd48d7242496c0fd10a80ab3e870
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetFileAttributesW
GetCommandLineW
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
HeapQueryInformation
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTickCount
IsValidCodePage
GetOEMCP
GetCPInfo
SetConsoleCtrlHandler
GetTimeZoneInformation
OutputDebugStringW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEnvironmentVariableA
GetSystemDefaultLangID
GetTempFileNameW
CreateFileA
MapViewOfFile
UnmapViewOfFile
GetVolumeInformationW
GetLogicalDrives
GetSystemDefaultLCID
GetSystemPowerStatus
GetSystemDirectoryA
GetTempPathW
CreateFileMappingW
QueryDosDeviceW
GetSystemInfo
GetTempPathA
FindResourceA
MoveFileExW
GetLogicalDriveStringsW
OpenProcess
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenFile
SystemTimeToTzSpecificLocalTime
CreateDirectoryW
GetDriveTypeA
GetFileAttributesA
FindFirstFileA
RemoveDirectoryW
FindNextFileW
GetLocalTime
DeviceIoControl
FindVolumeClose
SetVolumeMountPointW
GetVolumeInformationA
DeleteVolumeMountPointW
FindNextVolumeW
GetVolumePathNamesForVolumeNameW
DefineDosDeviceW
SetVolumeLabelW
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
FindFirstVolumeW
GetVolumeNameForVolumeMountPointW
lstrlenW
TryEnterCriticalSection
InterlockedCompareExchange
InterlockedExchange
PeekNamedPipe
CreateProcessW
GetExitCodeProcess
CreatePipe
InterlockedDecrement
WaitForMultipleObjects
GetExitCodeThread
GetLogicalDriveStringsA
lstrlenA
FindFirstFileExW
CreateFileW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
GetDriveTypeW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SetEvent
GlobalFree
GlobalUnlock
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
FreeResource
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetFileInformationByHandle
GetFullPathNameA
SleepEx
FormatMessageA
ExpandEnvironmentStringsA
GetSystemTime
GlobalMemoryStatus
FlushConsoleInputBuffer
GlobalMemoryStatusEx
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
CopyFileExW
CreateMutexW
HeapCompact
FlushViewOfFile
WaitForSingleObjectEx
UnlockFileEx
HeapCreate
HeapValidate
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
GetDiskFreeSpaceA
GetVersionExA
DeleteFileA
ReadConsoleInputA
SetConsoleMode
GetThreadTimes
InitializeSListHead
GetCurrentProcessId
Sleep
CreateThread
CloseHandle
WaitForSingleObject
GetModuleHandleW
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
SetFilePointerEx
HeapReAlloc
user32
GetWindowTextW
UnregisterClassW
GetClassInfoW
LoadIconW
MessageBoxW
SetRect
OffsetRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
SetWindowPos
DestroyWindow
IsWindow
CreateWindowExW
GetLastActivePopup
GetWindow
SetWindowsHookExW
CallNextHookEx
WinHelpW
MonitorFromWindow
GetMonitorInfoW
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
GetDesktopWindow
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetClientRect
ShowWindow
InflateRect
KillTimer
SetTimer
SetForegroundWindow
SendMessageW
PostMessageW
IsZoomed
EnableWindow
GetDC
ReleaseDC
DrawTextW
GetMessageW
TranslateMessage
GetCursorPos
GetWindowRect
AdjustWindowRectEx
ScreenToClient
MapWindowPoints
GetSysColor
CopyRect
EqualRect
SetCursor
GetWindowThreadProcessId
UnionRect
GetCaretPos
SetWindowRgn
UpdateLayeredWindow
CloseWindow
SetCaretPos
HideCaret
CreateCaret
DestroyCaret
GetWindowRgn
RegisterClassExW
SendMessageA
wsprintfW
CloseClipboard
ExitWindowsEx
EnumWindows
GetAsyncKeyState
GetClipboardData
GetClassInfoExW
RegisterClassW
CallWindowProcW
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongW
GetClassNameW
LoadBitmapW
MoveWindow
SetWindowTextW
IsDialogMessageW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
SetCapture
ReleaseCapture
WindowFromPoint
GetTopWindow
LoadCursorW
CreateDesktopW
CloseDesktop
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
OpenClipboard
SystemParametersInfoW
RealChildWindowFromPoint
InvalidateRect
GetSystemMetrics
SendDlgItemMessageA
GetParent
DestroyMenu
GetSysColorBrush
IsIconic
DestroyIcon
CharUpperW
IntersectRect
PostQuitMessage
UnhookWindowsHookEx
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
shell32
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
DragAcceptFiles
ord165
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteW
DragQueryFileW
SHGetFileInfoW
shlwapi
PathIsRootW
PathIsDirectoryW
PathCanonicalizeW
PathIsRootA
PathFileExistsA
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
ws2_32
getaddrinfo
send
gethostbyname
closesocket
socket
recv
WSACleanup
setsockopt
shutdown
htons
select
freeaddrinfo
WSAStartup
connect
ioctlsocket
ntohs
getsockopt
getsockname
getpeername
WSAGetLastError
bind
WSASetLastError
__WSAFDIsSet
accept
gethostname
sendto
recvfrom
inet_addr
listen
oleacc
CreateStdAccessibleObject
LresultFromObject
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
wininet
InternetCrackUrlA
InternetCanonicalizeUrlA
imagehlp
MakeSureDirectoryPathExists
winmm
timeKillEvent
timeSetEvent
timeGetDevCaps
gdi32
SetMapMode
SetBkMode
EnumFontFamiliesExW
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateFontW
GetDIBits
CreateDIBSection
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
FillRgn
GetBitmapBits
SetBitmapBits
SetPixel
SetWindowExtEx
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateBitmap
GetObjectW
MoveToEx
SetBkColor
SetTextColor
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumValueW
LsaFreeMemory
RegQueryInfoKeyW
ControlService
UnlockServiceDatabase
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
LockServiceDatabase
OpenServiceW
OpenSCManagerW
CloseServiceHandle
AdjustTokenPrivileges
LookupPrivilegeValueW
LookupAccountNameW
GetSidSubAuthorityCount
GetUserNameW
GetSidSubAuthority
OpenProcessToken
GetSidIdentifierAuthority
LsaRetrievePrivateData
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
LsaNtStatusToWinError
DeregisterEventSource
RegisterEventSourceA
ReportEventA
ImpersonateLoggedOnUser
RevertToSelf
RegQueryValueExA
RegOpenKeyExA
LsaOpenPolicy
LsaClose
ole32
CoTaskMemFree
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
OleSetContainedObject
CoSetProxyBlanket
CoInitializeSecurity
oleaut32
VarDateFromStr
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayCreate
VariantTimeToSystemTime
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
msimg32
AlphaBlend
comctl32
_TrackMouseEvent
setupapi
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_IDA
CM_Get_Parent
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
gdiplus
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromStream
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipCreateFontFamilyFromName
GdipDrawLineI
GdipSetPenDashStyle
GdipFillPath
GdipCreateSolidFill
GdipDeleteBrush
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetTextRenderingHint
GdipDrawString
GdipDrawImageRectRectI
GdipImageGetFrameDimensionsCount
GdipClosePathFigure
GdipGetImageWidth
GdipGetImageHeight
GdipDeletePath
GdipDrawPath
GdipDeletePen
GdipCreatePen1
GdipResetClip
GdipSetClipPath
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipResetPath
GdipDrawImageRectRect
GdipSetSmoothingMode
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdiplusStartup
GdipDeleteGraphics
GdipCreateFromHDC
GdipAddPathLineI
GdipAddPathArcI
GdipCreatePath
GdiplusShutdown
imm32
ImmDestroyContext
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmAssociateContext
iphlpapi
GetAdaptersInfo
wlanapi
WlanGetProfileList
WlanFreeMemory
WlanEnumInterfaces
WlanOpenHandle
WlanGetProfile
WlanCloseHandle
rpcrt4
UuidFromStringW
UuidToStringW
RpcStringFreeW
crypt32
CryptUnprotectData
CryptStringToBinaryW
Sections
.text Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 840KB - Virtual size: 840KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 235KB - Virtual size: 288KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp0 Size: 504KB - Virtual size: 504KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 28.8MB - Virtual size: 28.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ