2024-05-26_8cd35894624b4af580dbebde8dd4f5cd_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-26_8cd35894624b4af580dbebde8dd4f5cd_bkransomware
Size

6.6MB
MD5

8cd35894624b4af580dbebde8dd4f5cd
SHA1

dc8a497fb2383057b5262a13a5f7ab9856ddb94e
SHA256

90dc4e68bd34b5aa48e7af7f4236af0f96b0877f2f94fa9ed0f749d59567f2a4
SHA512

32717c140c6fc767b1301d00acf94e73ce4b0cc8ff848e7d9781b81685a36e6559f9b0bcde30255f14c19d2ff549ca4b3516a8bea527fcc8d1f6be5130ce9d83
SSDEEP

196608:lNZIFG3+6iRfALiPlRfTM/+trbK+Un6X:lNpu6ixAmPlRfTltrbKeX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-26_8cd35894624b4af580dbebde8dd4f5cd_bkransomware

Files

2024-05-26_8cd35894624b4af580dbebde8dd4f5cd_bkransomware
.exe windows:6 windows x86 arch:x86

342481cdf96fca495b29facb945add49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapAlloc
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
Sleep
DeleteFileW
GetVersion
GetWindowsDirectoryW
DeviceIoControl
FileTimeToSystemTime
GetFileAttributesW
LoadResource
GetExitCodeProcess
GetFileSize
FindFirstFileW
IsDebuggerPresent
GetSystemInfo
GetThreadLocale
FormatMessageW
LoadLibraryW
GetSystemDirectoryW
SignalObjectAndWait
GetModuleHandleA
GetSystemDefaultUILanguage
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
CreateFileW

user32

MapDialogRect
GetMessageW
ShowWindow
CreateWindowExW
UpdateWindow
ShowOwnedPopups
SetTimer
HideCaret
GetWindowRect
GetDoubleClickTime
GetMenu
SetWindowLongA
UnregisterClassA
GetWindowLongA
PeekMessageA
EnableMenuItem
AppendMenuA
GetMenuItemCount
GetDlgItemTextA
DialogBoxParamA
DestroyWindow
CharUpperBuffW
SetWindowTextW
SetCapture
KillTimer
MsgWaitForMultipleObjects
IsZoomed
GetKeyState
ModifyMenuW
GetDC
GetKeyboardState
OffsetRect
GetWindowTextA
InvalidateRect
ReleaseDC
GetDlgItem
EndDialog
DefWindowProcA
RedrawWindow
GetDesktopWindow
EnumChildWindows
IsWindow
InsertMenuW
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
EnableWindow

gdi32

ExcludeClipRect
SetPixel
SelectClipRgn
GetTextExtentPointA
CreateDIBitmap
GetStockObject
UpdateColors
CreateSolidBrush
GetBitmapBits
TranslateCharsetInfo
GetPaletteEntries
SetMapMode
CreateCompatibleBitmap
GetTextExtentExPointA
GetCharWidth32A
ExtTextOutA
SetTextColor

comdlg32

GetSaveFileNameW

advapi32

GetUserNameA
OpenSCManagerW
CloseServiceHandle
RegLoadKeyW
RegEnumKeyExW
ControlService
EqualSid
RegUnLoadKeyW

shell32

ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
Shell_NotifyIconW

ole32

CoInitialize

oleaut32

SysFreeString
SysAllocStringLen
SafeArrayCreate
VariantCopy

Sections

.text
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

342481cdf96fca495b29facb945add49

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 606KB - Virtual size: 605KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 606KB - Virtual size: 605KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 16KB - Virtual size: 15KB