2024-05-28_11d4fef1f94fa58cfc35d67fc150b1eb_bkransomware_floxif

Sharing

Copy URL

Twitter E-mail

General

Target

2024-05-28_11d4fef1f94fa58cfc35d67fc150b1eb_bkransomware_floxif
Size

2.0MB
MD5

11d4fef1f94fa58cfc35d67fc150b1eb
SHA1

c5294c0be89719ae78454668a940cc80532585df
SHA256

e106a2c3d1d3e419105e15d4493bc05cc80eb26616b3f18ef77474ee98305d88
SHA512

f6c6a636e4ecef71a5d7eeec1429cfe15bb716b275340fa1d236b62a8f93c1fddb78b79ce382fec9fc014dc62e5ddc894a2935e9e97017f0fa47951b89c5d813
SSDEEP

49152:ERvRHEMx+QVrbKK6ZJKswIIpcrq8twexAuS5wZT4pama4HNX8P8djmW:ERvKMx+QZbsZJKswIUOwexAuS5w2paml

Score

1^/10

Malware Config

Signatures

Files

2024-05-28_11d4fef1f94fa58cfc35d67fc150b1eb_bkransomware_floxif
.exe windows:5 windows x86 arch:x86

a1b0efe4285ccc903f9feab6fc740ad7

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:08:b5:d8:e4:66:de:21:ea:e1:d2:a2:76:31:29:16
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

06-09-2023 00:00

Not After

13-10-2025 23:59

Subject

CN=GRETECH CORPORATION,O=GRETECH CORPORATION,L=Shinjuku,ST=Tokyo,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c1:20:35:8e:e8:b6:bd:33:50:1d:e4:e3:49:41:5c:89:df:83:43:29:f9:03:42:6d:45:d6:fb:e2:52:5d:f1:d3
Signer

Actual PE Digest

c1:20:35:8e:e8:b6:bd:33:50:1d:e4:e3:49:41:5c:89:df:83:43:29:f9:03:42:6d:45:d6:fb:e2:52:5d:f1:d3

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetCPInfo
GetStringTypeW
LCMapStringW
GetConsoleCP
GetConsoleMode
GetACP
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
IsValidCodePage
GetTimeZoneInformation
PeekNamedPipe
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
VirtualQuery
VirtualAlloc
GetModuleHandleExW
ExitProcess
HeapQueryInformation
GetFileType
SetStdHandle
ExitThread
CreateThread
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
GetSystemTimeAsFileTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GlobalFindAtomW
GlobalDeleteAtom
GlobalFlags
GetUserDefaultUILanguage
EncodePointer
GlobalAddAtomW
ResumeThread
LoadLibraryA
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GetFileAttributesExW
GlobalGetAtomNameW
GetCurrentProcessId
LocalReAlloc
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleHandleA
OutputDebugStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
FormatMessageW
GlobalSize
FindResourceExW
lstrcpyW
InitializeCriticalSection
SetThreadPriority
CompareStringW
WideCharToMultiByte
GetVersionExA
GetVolumeInformationW
FindFirstFileW
GetFileAttributesW
CreateDirectoryW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetTempPathW
GetSystemDirectoryW
GetDriveTypeW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetCommandLineW
LoadLibraryW
lstrlenW
lstrcpynW
GetFileTime
FindClose
GetFileSize
GetFileInformationByHandle
GetCurrentThread
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetTickCount
Sleep
WaitForSingleObject
LocalFree
LocalAlloc
SetCurrentDirectoryW
LoadLibraryExW
lstrcmpiW
FreeLibrary
DecodePointer
MultiByteToWideChar
GetVersionExW
CopyFileW
DeleteFileW
FindResourceW
CreateProcessW
GetModuleHandleW
GetModuleFileNameW
lstrcmpW
GetSystemInfo
MulDiv
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetCurrentThreadId
RaiseException
GetCurrentProcess
FlushInstructionCache
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetProcAddress
LockResource
FreeResource
InterlockedDecrement
InterlockedIncrement
CreateFileW
CloseHandle
SetFilePointer
ReadFile
WriteFile
ReadConsoleW
GetFileSizeEx
LoadLibraryExA

user32

GetNextDlgGroupItem
GetNextDlgTabItem
CreateDialogIndirectParamW
DeleteMenu
SetCursor
ShowOwnedPopups
SendDlgItemMessageA
CopyImage
InflateRect
DestroyMenu
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
PostQuitMessage
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
CheckDlgButton
GetScrollPos
SetScrollPos
RealChildWindowFromPoint
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
GetMessageW
CharUpperW
GetSysColorBrush
GetLastActivePopup
MessageBoxW
IsWindowEnabled
UnhookWindowsHookEx
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuItemInfoW
ModifyMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
WindowFromPoint
FrameRect
wsprintfW
LoadIconW
PtInRect
RemovePropW
GetPropW
SetPropW
DrawTextW
SystemParametersInfoW
DestroyIcon
GetWindowThreadProcessId
FindWindowW
EqualRect
OffsetRect
IntersectRect
CopyRect
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
BringWindowToTop
IsIconic
GetWindowPlacement
PeekMessageW
DispatchMessageW
TranslateMessage
GetMonitorInfoW
MonitorFromWindow
MapDialogRect
MapWindowPoints
SetWindowContextHelpId
GetWindowRect
EnableWindow
KillTimer
SetTimer
SetDlgItemTextW
EndDialog
ShowWindow
LoadCursorW
GetWindow
GetClassNameW
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
FillRect
CharUpperBuffW
RegisterClipboardFormatW
SetMenuDefaultItem
RegisterWindowMessageW
SendMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
GetSysColor
ScreenToClient
ClientToScreen
GetClientRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DestroyAcceleratorTable
CreateAcceleratorTableW
ReleaseCapture
SetCapture
GetFocus
SetFocus
CharNextW
GetDlgItem
DialogBoxIndirectParamW
SetWindowPos
DrawFocusRect
SetRectEmpty
IsRectEmpty
LoadImageW
DrawIconEx
GetIconInfo
MessageBeep
GetAsyncKeyState
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
MoveWindow
DestroyWindow
IsChild
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
GetMenuStringW
EnableScrollBar
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
CreateWindowExW
IsWindow
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
GetDlgCtrlID
HideCaret
DrawMenuBar

gdi32

CreateRectRgn
Escape
ExcludeClipRect
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CombineRgn
CreateRectRgnIndirect
PatBlt
CreatePatternBrush
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
CreateHatchBrush
CreateBitmap
CreateDCW
CopyMetaFileW
SetTextColor
ExtTextOutW
MoveToEx
GetTextMetricsW
SetBkMode
SetBkColor
RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
CreatePen
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
SetRectRgn
BitBlt
CreateCompatibleBitmap

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW

shell32

DragQueryFileW
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage
DragFinish
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx
ord17

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed

ole32

CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CLSIDFromString
CoCreateInstance
OleInitialize
OleUninitialize
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CoTaskMemRealloc
OleDuplicateData
ReleaseStgMedium
CoDisconnectObject
CoUninitialize
CoInitialize
CoInitializeEx
DoDragDrop
OleCreateMenuDescriptor
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
CLSIDFromProgID
OleDestroyMenuDescriptor

oleaut32

OleCreateFontIndirect
VarUI4FromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadRegTypeLi
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
VariantClear
SysStringLen
VariantInit
SysFreeString
SysAllocString
SysAllocStringLen

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

wininet

HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW
InternetQueryOptionW
InternetQueryDataAvailable
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1b0efe4285ccc903f9feab6fc740ad7

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0b:08:b5:d8:e4:66:de:21:ea:e1:d2:a2:76:31:29:16Certificate

Extended Key Usages

Key Usages

c1:20:35:8e:e8:b6:bd:33:50:1d:e4:e3:49:41:5c:89:df:83:43:29:f9:03:42:6d:45:d6:fb:e2:52:5d:f1:d3Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

wintrust

crypt32

wininet

oleacc

imm32

winmm

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 336KB - Virtual size: 336KB

.data Size: 26KB - Virtual size: 59KB

.rsrc Size: 118KB - Virtual size: 118KB

.reloc Size: 119KB - Virtual size: 119KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0b:08:b5:d8:e4:66:de:21:ea:e1:d2:a2:76:31:29:16
Certificate

c1:20:35:8e:e8:b6:bd:33:50:1d:e4:e3:49:41:5c:89:df:83:43:29:f9:03:42:6d:45:d6:fb:e2:52:5d:f1:d3
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 336KB - Virtual size: 336KB

.data
Size: 26KB - Virtual size: 59KB

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 119KB - Virtual size: 119KB