PDB path: G:\LiTech\SecuPrint7.1(GIT)\SecuPrintCS\SecuPrint7.1\Client\spctrlotp\Release\spctrlotp.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-01_1ddd19025e72c3e266f0d410b8db94c0_bkransomware.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-06-01_1ddd19025e72c3e266f0d410b8db94c0_bkransomware.exe
Resource: win10v2004-20240426-en
General
Target: 2024-06-01_1ddd19025e72c3e266f0d410b8db94c0_bkransomware
Size: 1.8MB
MD5: 1ddd19025e72c3e266f0d410b8db94c0
SHA1: f4795e7af63a661d76c318521015faa8a1b578e2
SHA256: 5411ce1e27ae77f1a860505f953f3003b92bcb65ff1356c0a5c7042881f2d1fc
SHA512: b6f6ed46ce127c30b38c1ddc11d643fb1dcaa9641680192606e0344d0019f8887e4a668822f542d662c134b808d2fb0933b3102c848feafa713740745ed85dec
SSDEEP: 49152:mvYR2S+ivxXkbZgyJS3jDVRPFukAWfgIKteCmigIL4b+:mgR2S+AXkbQ3dpkkAWfgFteCmigIL+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-01_1ddd19025e72c3e266f0d410b8db94c0_bkransomware
Files
2024-06-01_1ddd19025e72c3e266f0d410b8db94c0_bkransomware.exe windows:5 windows x86 arch:x86
fd2ca3e51938898ed001db892429fc3a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
ole32
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoInitializeEx
RegisterDragDrop
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
OleGetClipboard
kernel32
GetPrivateProfileStringW
SetThreadPriority
ResumeThread
GlobalFlags
InitializeCriticalSection
GlobalGetAtomNameW
FileTimeToSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
GetFileAttributesW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GetWindowsDirectoryW
SearchPathW
GetTempFileNameW
GetTempPathW
GetTickCount
GetProfileIntW
VirtualProtect
FindResourceExW
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
CreateThread
ExitThread
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
GetVersionExW
GetCurrentThread
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
CreateFileMappingW
CloseHandle
FreeLibrary
LoadLibraryW
GetProcAddress
WaitForSingleObject
SetEvent
Sleep
OpenMutexW
GetLastError
OpenFileMappingW
OpenEventW
ReleaseMutex
GetCurrentProcessId
OutputDebugStringW
GetModuleFileNameW
GetPrivateProfileIntW
GetModuleFileNameA
OutputDebugStringA
GetEnvironmentVariableW
GetSystemWindowsDirectoryW
GetModuleHandleExW
ProcessIdToSessionId
GetNativeSystemInfo
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultUILanguage
WritePrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc
LocalFree
HeapReAlloc
HeapAlloc
HeapFree
CompareStringA
GetProcessHeap
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
RaiseException
HeapSize
EnterCriticalSection
DecodePointer
DeleteCriticalSection
FindResourceW
LoadResource
SizeofResource
LockResource
lstrcpyW
SetLastError
GlobalLock
GlobalUnlock
MulDiv
GlobalAlloc
GlobalSize
GlobalFree
FormatMessageW
CopyFileW
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeResource
GetModuleHandleA
GetModuleHandleW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
user32
DestroyIcon
CharUpperW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
SetParent
MonitorFromPoint
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
IsRectEmpty
TrackMouseEvent
GetAsyncKeyState
GetSystemMenu
NotifyWinEvent
IsMenu
ModifyMenuW
PostThreadMessageW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
EnumChildWindows
RegisterClipboardFormatW
LockWindowUpdate
SetClassLongW
GetMenuDefaultItem
GetKeyNameTextW
UnionRect
SetRect
DrawIconEx
DrawFrameControl
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetIconInfo
HideCaret
InvertRect
GetDoubleClickTime
CreateMenu
DestroyCursor
MapDialogRect
GetComboBoxInfo
GetWindowRgn
CharLowerW
SetActiveWindow
UpdateWindow
SetCapture
SetMenu
IsDialogMessageW
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
UnhookWindowsHookEx
IntersectRect
InflateRect
FillRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
IsWindowEnabled
GetKeyState
SetWindowPos
IsWindow
GetSubMenu
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
ScreenToClient
GetWindowRect
IsIconic
DrawIcon
GetClientRect
GetSystemMetrics
ClientToScreen
GetNextDlgGroupItem
SetWindowRgn
UnregisterClassW
PostMessageW
GetParent
WindowFromPoint
DrawEdge
GetDC
GetCapture
DrawFocusRect
OffsetRect
InvalidateRect
GetWindowLongW
SetWindowLongW
GetSysColor
GetCursorPos
SetLayeredWindowAttributes
WaitMessage
KillTimer
SetTimer
DeleteMenu
CopyImage
GetMenuItemInfoW
DestroyMenu
LoadCursorW
GetSysColorBrush
RealChildWindowFromPoint
SendDlgItemMessageA
SystemParametersInfoW
MessageBeep
IsZoomed
GetDesktopWindow
GetNextDlgTabItem
EndDialog
GetForegroundWindow
GetActiveWindow
TranslateMessage
GetMessageW
SetCursor
ShowOwnedPopups
TrackPopupMenu
PostQuitMessage
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
LoadBitmapW
ReleaseCapture
SendMessageW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetMenu
SetForegroundWindow
EnableWindow
LoadImageW
SetWindowTextW
CreateDialogIndirectParamW
CopyRect
gdi32
EnumFontFamiliesExW
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetTextFaceW
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
RoundRect
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
LPtoDP
CreateEllipticRgn
GetBkColor
GetTextColor
OffsetRgn
GetRgnBox
CreateRoundRectRgn
SetDIBColorTable
CreateDIBSection
SetPixel
RealizePalette
GetDIBits
SetPixelV
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
GetObjectW
CreateRectRgn
GetWindowOrgEx
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextMetricsW
GetTextExtentPoint32W
CreateDCW
CopyMetaFileW
DPtoLP
SetRectRgn
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
CreateFontIndirectW
GetStockObject
CreateSolidBrush
BitBlt
DeleteDC
StretchBlt
DeleteObject
SelectObject
SelectClipRgn
GetPixel
msimg32
AlphaBlend
TransparentBlt
advapi32
RegDeleteValueW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
shell32
SHGetFileInfoW
DragQueryFileW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
DragFinish
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
GetWindowTheme
GetThemeSysColor
DrawThemeText
GetThemeColor
IsAppThemed
GetThemePartSize
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 345KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 118KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ