2024-05-25_79a18c9f400c893f661db161828e0696_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-25_79a18c9f400c893f661db161828e0696_bkransomware
Size

5.9MB
MD5

79a18c9f400c893f661db161828e0696
SHA1

563501523382d7990d91912bef4f946e8ece2ceb
SHA256

961fd3e7fdc83352307c214ab785220097d34d9a9ffa8b1251d316a43d2e3833
SHA512

d2df8dbc853bd21df5b3dbed081ce40636f72ed0af1bde04a9dcceee71286d921046493531391de070c9b27720db168528cb3771eeafc6bb3662fa36c14f1e13
SSDEEP

98304:zqq6poEJXKx+Jwc4iUG1Qv1l7adiKpipeJjY5x3ZKJ8OFWmMoWR9BqGjowNYfMW4:zh6yEJXBJwc4iUaQv1l7adiKOeJjY/er

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-25_79a18c9f400c893f661db161828e0696_bkransomware

Files

2024-05-25_79a18c9f400c893f661db161828e0696_bkransomware
.exe windows:6 windows x86 arch:x86

008524f380cfe807e8f53155d7178639

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Gunz\Gunz 1.5 Repack by Jur13n #3 (Edited)\Source 2\Gunz\Runtime\Gunz.pdb

Imports

fmod

_FSOUND_Stream_Stop@4
_FSOUND_Stream_SetMode@8
_FSOUND_Stream_GetMode@4
_FSOUND_Sample_SetMinMaxDistance@12
_FSOUND_SetOutput@4
_FSOUND_SetDriver@4
_FSOUND_SetHWND@4
_FSOUND_Stream_PlayEx@16
_FSOUND_SetMaxHardwareChannels@4
_FSOUND_Init@12
_FSOUND_Close@0
_FSOUND_Update@0
_FSOUND_GetError@0
_FSOUND_Stream_SetEndCallback@12
_FSOUND_SetMinHardwareChannels@4
_FSOUND_GetVersion@0
_FSOUND_GetNumDrivers@0
_FSOUND_GetDriverName@4
_FSOUND_GetDriverCaps@8
_FSOUND_GetMaxChannels@0
_FSOUND_Sample_Load@20
_FSOUND_Sample_GetMode@4
_FSOUND_PlaySoundEx@16
_FSOUND_StopSound@4
_FSOUND_SetVolume@8
_FSOUND_SetMute@8
_FSOUND_SetPriority@8
_FSOUND_SetPaused@8
_FSOUND_3D_SetAttributes@12
_FSOUND_3D_SetMinMaxDistance@12
_FSOUND_GetVolume@4
_FSOUND_3D_Listener_SetAttributes@32
_FSOUND_3D_SetDopplerFactor@4
_FSOUND_3D_SetDistanceFactor@4
_FSOUND_3D_SetRolloffFactor@4
_FSOUND_Stream_SetBufferSize@4
_FSOUND_Stream_Open@16
_FSOUND_Stream_Close@4
_FSOUND_Sample_Free@4

kernel32

SetEnvironmentVariableA
WriteConsoleW
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
EnumSystemLocalesW
IsValidLocale
LCMapStringW
lstrcmpiA
IsDebuggerPresent
SetPriorityClass
GetCurrentProcess
GetTickCount
OutputDebugStringA
Sleep
MultiByteToWideChar
GetLocalTime
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
LoadLibraryA
GlobalMemoryStatus
GetProcAddress
FreeLibrary
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
lstrlenA
GetModuleFileNameA
GetWindowsDirectoryA
GetCurrentThreadId
CreateThread
LeaveCriticalSection
EnterCriticalSection
FindFirstFileA
FindClose
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetCurrentDirectoryA
GetModuleHandleA
ExitProcess
OpenProcess
K32EnumProcesses
K32EnumProcessModules
K32GetModuleBaseNameA
K32GetModuleFileNameExA
InitializeCriticalSection
OutputDebugStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetConsoleCP
CreateEventA
CloseHandle
SetEvent
FindNextChangeNotification
WaitForMultipleObjects
OpenEventA
FindCloseChangeNotification
FindFirstChangeNotificationA
GlobalMemoryStatusEx
FindNextFileA
CreateFileA
GetCurrentProcessId
GetFileAttributesA
GetFileInformationByHandle
ReadFile
SetFileTime
WaitForSingleObject
ExitThread
WriteFile
SystemTimeToFileTime
GetCurrentThread
WideCharToMultiByte
GlobalDeleteAtom
GlobalAddAtomA
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
IsDBCSLeadByte
ResetEvent
SetUnhandledExceptionFilter
LoadResource
LockResource
SizeofResource
FindResourceW
TerminateProcess
GetSystemInfo
FileTimeToSystemTime
GetFileSize
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
MulDiv
SetLastError
GlobalFree
LocalFree
FormatMessageA
CopyFileA
GlobalReAlloc
lstrcmpA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringA
GlobalGetAtomNameA
lstrcmpW
lstrcpyA
SetThreadPriority
ResumeThread
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GlobalFlags
EncodePointer
GetSystemDirectoryW
FreeResource
LoadLibraryExW
FindResourceA
GlobalFindAtomA
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
CompareStringW
GetLocaleInfoW
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
GetACP
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
IsProcessorFeaturePresent
RtlUnwind
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
GetCommandLineA
VirtualAlloc
VirtualQuery
HeapQueryInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
GetStartupInfoW
GetStdHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
IsValidCodePage
GetFileAttributesExW
FindFirstFileExW
FindNextFileW
GetDriveTypeW

user32

GetClassInfoExA
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
IsIconic
DestroyMenu
GetMenuItemInfoA
SystemParametersInfoA
CopyImage
ShowOwnedPopups
SetCursor
DeleteMenu
SetTimer
KillTimer
InvalidateRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
ReleaseCapture
WindowFromPoint
DrawFocusRect
SetRectEmpty
OffsetRect
IsRectEmpty
LoadImageA
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
PeekMessageA
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateA
LoadImageW
DrawEdge
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
SendDlgItemMessageA
TrackMouseEvent
LoadMenuW
GetComboBoxInfo
IsZoomed
GetSystemMenu
PostThreadMessageA
WaitMessage
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
SetParent
LockWindowUpdate
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
FrameRect
GetClassInfoA
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
CheckDlgButton
GetDlgItem
IsWindow
GetScrollPos
SetScrollPos
RealChildWindowFromPoint
PtInRect
SetWindowTextA
GetFocus
GetDlgCtrlID
CharUpperA
DestroyIcon
ValidateRect
IsWindowVisible
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
GetWindowTextLengthA
LoadCursorA
GetSysColorBrush
CallWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IntersectRect
InflateRect
CopyRect
IsDialogMessageA
MapVirtualKeyA
GetKeyNameTextA
EmptyClipboard
GetSysColor
GetSystemMetrics
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindow
GetTopWindow
GetClassNameA
FindWindowExA
SendMessageA
EnumWindows
GetWindowRect
GetWindowTextA
ClientToScreen
SetCursorPos
GetKeyState
GetAsyncKeyState
ShowCursor
SetFocus
ShowWindow
DefWindowProcA
PostMessageA
wsprintfA
MessageBoxA
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
DispatchMessageA
TranslateMessage
GetMessageA
SetClipboardData
ScreenToClient
GetCursorPos
UnregisterHotKey
GetKeyboardLayout
IsWindowEnabled
GetDesktopWindow
EnableWindow
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
ReleaseDC
GetDC
SetWindowLongA
GetWindowLongA
GetClientRect
MoveWindow
LoadIconA
UpdateWindow
GetActiveWindow
SetWindowPos
DrawMenuBar
CreateWindowExA
RegisterClassA
ReuseDDElParam
PostQuitMessage
LoadCursorW

gdi32

GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
DPtoLP
SetRectRgn
GetTextFaceA
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
PatBlt
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
SetTextAlign
AddFontResourceA
RemoveFontResourceA
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
FillRgn
SetPixelV
ExtFloodFill
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateFontA
DeleteDC
DeleteObject
GetDeviceCaps
GetTextExtentPoint32A
SelectObject
SetMapMode
GetTextMetricsA
CreateDIBSection
GetObjectA
CreateBitmap
BitBlt
CreateDCA
CopyMetaFileA
SetPaletteEntries

shell32

SHChangeNotify
ShellExecuteA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleRun

msimg32

TransparentBlt
AlphaBlend

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathStripPathA
StrStrIA
PathIsDirectoryA
PathSearchAndQualifyA
PathFileExistsA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveFileSpecW
StrFormatKBSizeA

uxtheme

DrawThemeParentBackground
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeText

imm32

ImmGetCompositionStringA
ImmNotifyIME
ImmGetOpenStatus
ImmSetConversionStatus
ImmGetConversionStatus
ImmGetCandidateListA
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd

winmm

timeGetTime
timeGetDevCaps
PlaySoundA
timeEndPeriod
timeBeginPeriod

ws2_32

inet_ntoa
gethostbyname
gethostname
inet_addr
ntohs
bind
closesocket
connect
WSACreateEvent
htonl
sendto
recvfrom
WSAEnumNetworkEvents
WSAEventSelect
WSAWaitForMultipleEvents
WSACloseEvent
WSAGetLastError
WSACleanup
WSAStartup
socket
setsockopt
send
recv
htons
shutdown
ioctlsocket

sensapi

IsNetworkAlive

dbghelp

MiniDumpWriteDump

wininet

HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetSetStatusCallback
InternetReadFileExA
InternetConnectA
InternetCloseHandle
InternetOpenA
InternetCrackUrlA

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreatePath
GdipDeletePath
GdipAddPathString
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawPath
GdipGraphicsClear
GdipFillPath
GdipDeleteFontFamily
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetFamily
GdipDrawString
GdipStringFormatGetGenericTypographic
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusStartup

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

GetErrorInfo
SysAllocStringLen
SystemTimeToVariantTime
SysAllocString
SysFreeString
SysAllocStringByteLen
VariantInit
VariantClear
VariantCopy
VariantChangeType
VariantTimeToSystemTime
LoadTypeLi
SysStringLen
VarBstrFromDate

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 755KB - Virtual size: 755KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 187KB - Virtual size: 26.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

008524f380cfe807e8f53155d7178639

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

fmod

kernel32

user32

gdi32

shell32

ole32

msimg32

shlwapi

uxtheme

imm32

winmm

ws2_32

sensapi

dbghelp

wininet

gdiplus

oleacc

winspool.drv

advapi32

oleaut32

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 755KB - Virtual size: 755KB

.data Size: 187KB - Virtual size: 26.1MB

.rsrc Size: 401KB - Virtual size: 400KB

.reloc Size: 254KB - Virtual size: 253KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 755KB - Virtual size: 755KB

.data
Size: 187KB - Virtual size: 26.1MB

.rsrc
Size: 401KB - Virtual size: 400KB

.reloc
Size: 254KB - Virtual size: 253KB