2024-05-31_f40dd9574e9deda21b462f9a4481a2d0_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-31_f40dd9574e9deda21b462f9a4481a2d0_bkransomware
Size

4.2MB
MD5

f40dd9574e9deda21b462f9a4481a2d0
SHA1

08d37e0fa0f01db60783b49243f9cb309d4a09f3
SHA256

b55c6c3a7997c5c057aaa43719a9706e27192e881220d6e59fb50b607f6ace7f
SHA512

d58a1d267ba3389de658c1a3954b809c5c57d2f7a50483eead71f5ebbe237e918e39bce1a0f99096aedbc92891077ad2c48a39454e7dfb05667464bd23c0f10b
SSDEEP

98304:TJk/SJ20/pjx1RarfiW70FUMrpXnAqVQoX3gCWFLOAkGkzdnEVomFMKnPRG:TksnRUMrpXnQagCWFLOyomFMKnPw

Score

1^/10

Malware Config

Signatures

Files

2024-05-31_f40dd9574e9deda21b462f9a4481a2d0_bkransomware
.exe windows:6 windows x86 arch:x86

7144b2a49649685287efd808ee1c1d69

Code Sign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

21:ee:4d:19:b5:c3:ac:b4:5c:47:e7:86:06:09:05:cd
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2015, 00:00

Not After

19/01/2016, 23:59

Subject

CN=Josh Mayfield,O=Josh Mayfield,POSTALCODE=97229,STREET=16958 NW Cove Ct,L=Portland,ST=OR,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:64:03:8c:5b:2a:f5:50:95:1c:3b:88:8c:8c:6e:c3:8c:b1:b6:a3
Signer

Actual PE Digest

0b:64:03:8c:5b:2a:f5:50:95:1c:3b:88:8c:8c:6e:c3:8c:b1:b6:a3

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\AnyPoint\Source\Repos\bitbucket\win_apps\music_applications\bin\Win32\Release\GWX_control_panel.pdb

Imports

kernel32

LCMapStringW
OutputDebugStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
EnumResourceLanguagesW
EnumResourceNamesW
EnumResourceTypesW
LocalSize
OpenProcess
lstrcpynA
GetModuleFileNameA
FlushInstructionCache
WriteConsoleW
SetEnvironmentVariableA
GetTimeZoneInformation
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
CreateThread
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineW
FindResourceExW
VirtualProtect
GetFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetProfileIntW
GetTickCount
SearchPathW
GetTempPathW
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetFileSize
GetFileAttributesW
FileTimeToSystemTime
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
CompareStringA
GetVersionExW
GetCurrentThread
GetCurrentProcessId
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
MultiByteToWideChar
CopyFileW
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeResource
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
SetLastError
EncodePointer
OutputDebugStringA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
InitializeCriticalSectionEx
LeaveCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentDirectoryW
SetEvent
CreateEventW
GetLocalTime
GetWindowsDirectoryW
ResetEvent
WaitForMultipleObjects
GetSystemDirectoryW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
WriteFile
WideCharToMultiByte
LocalFree
WaitForSingleObject
GetModuleHandleW
GetDateFormatW
GetTimeFormatW
GetEnvironmentVariableW
CloseHandle
GetCurrentProcess
Sleep
FindNextFileW
DeleteFileW
RemoveDirectoryW
GetTempFileNameW
ReadFile
GetFileSizeEx
CreateFileW
SetFileAttributesW
FindClose
FindFirstFileW
GetLastError
VerifyVersionInfoW
VerSetConditionMask
LoadLibraryW
FreeLibrary
GetProcAddress

user32

PostQuitMessage
SendDlgItemMessageA
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
FillRect
InvalidateRect
DrawStateW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
InflateRect
GetMenuItemInfoW
DestroyMenu
GetActiveWindow
TranslateMessage
GetMessageW
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
UpdateWindow
GetMenuItemCount
SetMenu
GetMenu
GetCapture
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
DrawEdge
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
IsDialogMessageW
GetWindow
SetLayeredWindowAttributes
SetRectEmpty
EnumDisplayMonitors
GetKeyboardState
MapVirtualKeyW
GetWindowInfo
LoadAcceleratorsW
CreateAcceleratorTableW
GetParent
SetWindowLongW
GetWindowLongW
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
UnhookWindowsHookEx
UnregisterClassW
ShowWindow
DrawIcon
GetClientRect
IsIconic
AppendMenuW
GetSystemMenu
GetWindowThreadProcessId
AllowSetForegroundWindow
EnumWindows
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
SetCapture
ReleaseCapture
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
WaitMessage
OpenClipboard
GetWindowTextW
RegisterClassExW
DrawFrameControl
SetWindowRgn
GetSysColorBrush
DrawFocusRect
OffsetRect
IsRectEmpty
DrawIconEx
ShowOwnedPopups
SetCursor
CopyImage
LoadCursorW
RealChildWindowFromPoint
GetWindowPlacement
IntersectRect
CopyAcceleratorTableW
RegisterClipboardFormatW
GetWindowRect
PtInRect
GetSystemMetrics
ExitWindowsEx
RegisterWindowMessageW
SendMessageW
LoadImageW
DestroyIcon
LoadIconW
SetTimer
KillTimer
IsWindow
LoadMenuW
GetSubMenu
SetMenuDefaultItem
PostMessageW
GetCursorPos
LookupIconIdFromDirectoryEx
GetKeyboardLayout
CreateIconIndirect
CreateIconFromResourceEx
SendMessageTimeoutW
SetWindowLongA
GetWindowLongA
IsWindowUnicode
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
GetClassNameW
FindWindowW
SystemParametersInfoW
SetParent
RedrawWindow
SetActiveWindow
EnableWindow
GetClassInfoExW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageW
GetNextDlgGroupItem
HideCaret
InvertRect
GetKeyNameTextW
SubtractRect
MapDialogRect
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetRect
SetCursorPos
EmptyClipboard
SetClipboardData
CloseClipboard

gdi32

SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
Ellipse
GetBkColor
GetTextColor
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetStretchBltMode
GetDIBits
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
StretchDIBits
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetBrushOrgEx
GetStockObject
DeleteObject
CreateSolidBrush
CreateBitmap
ExtTextOutW
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
SetTextColor
SetBkColor
CreateDIBSection
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyExW
OpenSCManagerW
CloseServiceHandle
OpenServiceW
StartServiceW
ControlServiceExW
QueryServiceStatusEx
RegOpenKeyW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
GetTokenInformation
AdjustTokenPrivileges

shell32

SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetKnownFolderPath
ShellExecuteExW
ShellExecuteW
SHAppBarMessage
Shell_NotifyIconW
DragFinish
DragQueryFileW

comctl32

InitCommonControlsEx
FlatSB_GetScrollProp
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetIcon
ImageList_Add
ImageList_DrawIndirect
ImageList_Destroy

shlwapi

PathIsUNCW
PathStripToRootW
PathAppendW
PathRemoveBackslashW
PathIsDirectoryW
PathIsRootW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitializeEx

oleaut32

OleLoadPicturePath
VarBstrFromDate
VariantCopy
SysStringLen
LoadTypeLi
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipBitmapUnlockBits

dbghelp

ImageDirectoryEntryToData

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 463KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7144b2a49649685287efd808ee1c1d69

Code Sign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6Certificate

Extended Key Usages

Key Usages

21:ee:4d:19:b5:c3:ac:b4:5c:47:e7:86:06:09:05:cdCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

0b:64:03:8c:5b:2a:f5:50:95:1c:3b:88:8c:8c:6e:c3:8c:b1:b6:a3Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

dbghelp

version

oleacc

imm32

winmm

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 463KB - Virtual size: 462KB

.data Size: 35KB - Virtual size: 72KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 141KB - Virtual size: 140KB

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

21:ee:4d:19:b5:c3:ac:b4:5c:47:e7:86:06:09:05:cd
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

0b:64:03:8c:5b:2a:f5:50:95:1c:3b:88:8c:8c:6e:c3:8c:b1:b6:a3
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 463KB - Virtual size: 462KB

.data
Size: 35KB - Virtual size: 72KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 141KB - Virtual size: 140KB