Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-03_22dd3ff1233be5de38c8d4460d9b5e5d_bkransomware.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 2024-06-03_22dd3ff1233be5de38c8d4460d9b5e5d_bkransomware.exe
Resource: win10v2004-20240508-en

General
Target: 2024-06-03_22dd3ff1233be5de38c8d4460d9b5e5d_bkransomware
Size: 4.6MB
MD5: 22dd3ff1233be5de38c8d4460d9b5e5d
SHA1: 06d273cafdfb6890d36b81aec6d25e1f00c306d7
SHA256: 8238f245b3b744db6b0b3383b481a2e50ef2e1f9968649d97601583500422c1d
SHA512: 44904e5f452074e9099e93fe0f47284489f5fac9d04ded76c90de7ff9e7d41df3c30e53edbe3b218a1db96faf3acb8e67dfa0634dcc6264257031b76653043bb
SSDEEP: 98304:pDqPpWhmvNqvs/H7WVVish/Rm9cKvWgDE6bkB:pDqMvJVjoOgDE6bY

Malware Config

Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2024-06-03_22dd3ff1233be5de38c8d4460d9b5e5d_bkransomware

Files
2024-06-03_22dd3ff1233be5de38c8d4460d9b5e5d_bkransomware.exe windows:6 windows x86 arch:x86
3f9e5a4930220f1e0ccbfe2302d8e4b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\dev\pt64_en\Release\PowerTool.pdb
Imports
kernel32
GetSystemInfo
VirtualQuery
HeapQueryInformation
GetStdHandle
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
SetStdHandle
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
WriteConsoleW
SetEnvironmentVariableA
GetModuleHandleExW
ExitProcess
GetTimeZoneInformation
GetFileType
RtlUnwind
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
ExitThread
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetUserDefaultLCID
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetFileTime
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GlobalGetAtomNameW
GetThreadLocale
UnlockFile
SetEndOfFile
LockFile
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
EncodePointer
ResumeThread
SuspendThread
CreateEventW
SetEvent
FreeResource
FormatMessageW
MulDiv
GlobalSize
SetFilePointerEx
MapViewOfFileEx
QueryDosDeviceW
SetLastError
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetExitCodeThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
SetProcessWorkingSetSize
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionEx
HeapReAlloc
SetProcessPriorityBoost
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetFullPathNameW
SetHandleInformation
LoadLibraryExW
IsBadReadPtr
lstrcmpW
GetSystemWow64DirectoryW
DeleteFileA
ExpandEnvironmentStringsW
GetExitCodeProcess
TerminateProcess
LocalAlloc
GetVolumeInformationA
CopyFileA
GetDiskFreeSpaceA
IsBadStringPtrW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVolumeInformationW
DuplicateHandle
CreateThread
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetModuleFileNameA
GetFileAttributesExA
RemoveDirectoryW
CreateDirectoryW
GetFileAttributesExW
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiW
lstrcmpA
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
lstrlenA
GlobalFree
GetTickCount
FlushFileBuffers
CreateRemoteThread
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
VirtualFree
VirtualAlloc
MoveFileW
CopyFileW
DefineDosDeviceW
lstrcatW
lstrcpyW
Process32NextW
Process32FirstW
GetCurrentProcess
DeleteFileW
WideCharToMultiByte
IsWow64Process
OutputDebugStringA
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
GetWindowsDirectoryW
GetSystemDirectoryA
GetVersion
CreateFileA
GetVersionExW
lstrlenW
LocalFree
GetFileSize
WriteFile
SetFilePointer
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetEnvironmentVariableW
GetLongPathNameW
GetFileAttributesW
SetErrorMode
GetTempPathW
ReadFile
GetFileSizeEx
CreateFileW
GetModuleFileNameW
OutputDebugStringW
GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleHandleW
FindClose
GetCurrentProcessId
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
OpenProcess
DeviceIoControl
GetLastError
DebugBreak
Sleep
TerminateThread
WaitForSingleObject
GetDriveTypeW
GetLogicalDrives
MoveFileExW
SetFileAttributesW
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
CloseHandle
FindNextFileW
FindFirstFileW
GetDateFormatW
user32
IsDialogMessageW
GetWindowTextLengthW
SetWindowTextW
CheckDlgButton
MoveWindow
SendDlgItemMessageA
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
CharLowerW
CopyIcon
ClipCursor
TrackMouseEvent
SetWindowPos
UpdateWindow
SetWindowLongW
GrayStringW
DrawTextExW
TabbedTextOutW
PostMessageW
WindowFromPoint
KillTimer
ReleaseCapture
GetKeyNameTextW
MapVirtualKeyW
SetMenuItemBitmaps
DrawStateW
DrawEdge
GetClientRect
SendMessageW
GetPropW
DispatchMessageW
GetMessageW
SetCapture
GetCapture
GetDlgCtrlID
DrawTextW
DrawFrameControl
IsRectEmpty
PtInRect
ClientToScreen
InvalidateRect
InflateRect
ValidateRect
GetFocus
GetKeyState
GetWindow
CopyRect
GetParent
RedrawWindow
UnregisterClassW
DrawIcon
IsIconic
SetTimer
GetSystemMenu
IsWindowVisible
GetWindowLongW
GetClassNameW
EnumWindows
GetWindowTextW
ModifyMenuW
GetMessagePos
UnhookWindowsHookEx
LoadBitmapW
OffsetRect
DestroyIcon
ReleaseDC
GetDC
LoadIconW
ScreenToClient
SetWindowRgn
GetSystemMetrics
CheckMenuItem
GetMenuItemInfoW
EnableMenuItem
IsWindow
SetCursor
LoadCursorW
GetWindowRect
GetWindowThreadProcessId
SetFocus
FindWindowExW
SetForegroundWindow
WaitForInputIdle
FindWindowW
ExitWindowsEx
ShowWindow
EnableWindow
GetSysColor
wsprintfW
GetSubMenu
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetLastActivePopup
TranslateMessage
PeekMessageW
SetWindowsHookExW
CallNextHookEx
DestroyMenu
SystemParametersInfoW
RegisterWindowMessageW
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
LoadMenuW
GetCursorPos
CloseClipboard
SetClipboardData
DeferWindowPos
EndDeferWindowPos
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
RemovePropW
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
SetPropW
IsMenu
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
MessageBoxW
OpenClipboard
EmptyClipboard
IsZoomed
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetClassLongW
GetDoubleClickTime
SetMenuDefaultItem
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
SetLayeredWindowAttributes
LockWindowUpdate
RegisterClipboardFormatW
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
DrawFocusRect
GetMenuDefaultItem
SetParent
UnionRect
IsClipboardFormatAvailable
MessageBeep
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
DeleteMenu
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
EnumDisplayMonitors
ReuseDDElParam
UnpackDDElParam
LoadImageW
SetRectEmpty
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
WaitMessage
CharUpperW
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
IntersectRect
FillRect
EndPaint
BeginPaint
GetWindowDC
GetMonitorInfoW
MonitorFromWindow
gdi32
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsW
GetBkColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
GetTextCharsetInfo
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
ExcludeClipRect
CreatePatternBrush
CreateHatchBrush
SetBkColor
CreateBitmap
PatBlt
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateFontW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
SetPixel
GetTextColor
CreateFontIndirectW
SetTextColor
DeleteObject
GetObjectW
CreatePen
GetClipBox
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
SelectObject
GetStockObject
CreateSolidBrush
EnumFontFamiliesW
CopyMetaFileW
CreateRectRgn
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
QueryServiceConfigW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueW
BuildExplicitAccessWithNameW
DeleteAce
GetNamedSecurityInfoW
OpenThreadToken
RegEnumKeyW
RegDeleteValueW
RegCreateKeyW
UnlockServiceDatabase
ChangeServiceConfigW
LockServiceDatabase
DeleteService
ControlService
StartServiceW
QueryServiceConfig2W
RegOpenKeyExW
QueryServiceStatus
OpenServiceW
EnumServicesStatusW
LookupPrivilegeDisplayNameW
LookupPrivilegeNameW
CloseServiceHandle
EnumServicesStatusExW
OpenSCManagerW
GetAce
GetAclInformation
EqualSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
FreeSid
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
LookupAccountSidW
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegEnumValueW
RegDeleteKeyW
shell32
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderPathW
CommandLineToArgvW
ExtractIconExW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
ShellExecuteA
DragAcceptFiles
DragQueryFileW
SHChangeNotify
Shell_NotifyIconW
SHGetFileInfoW
DragFinish
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderW
comctl32
ImageList_AddMasked
InitCommonControlsEx
ImageList_ReplaceIcon
shlwapi
PathIsUNCW
PathFileExistsW
PathIsDirectoryW
StrStrIW
PathStripToRootW
PathFindFileNameW
UrlUnescapeW
PathFindExtensionW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemePartSize
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
IsAppThemed
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
ole32
CoInitializeEx
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
OleFlushClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
CoInitializeSecurity
StgCreateDocfileOnILockBytes
CoGetClassObject
CoSetProxyBlanket
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
StgOpenStorageOnILockBytes
RevokeDragDrop
RegisterDragDrop
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoRegisterMessageFilter
CoDisconnectObject
OleIsCurrentClipboard
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoLockObjectExternal
oleaut32
SysAllocString
SysFreeString
VariantClear
VariantInit
VariantChangeType
VariantTimeToSystemTime
VariantTimeToDosDateTime
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
oledlg
OleUIBusyW
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
wininet
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetQueryDataAvailable
InternetSetFilePointer
InternetOpenUrlW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetReadFile
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
InternetSetOptionW
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
InternetOpenW
psapi
EnumProcessModules
GetModuleInformation
GetModuleFileNameExW
netapi32
NetUserEnum
NetApiBufferFree
NetShareDel
NetShareEnum
ws2_32
WSACleanup
WSCGetProviderPath
WSCEnumProtocols
WSAStartup
imagehlp
ImageGetCertificateHeader
crypt32
CertGetNameStringW
CertNameToStrW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
Sections
.text  Size: 2.5MB - Virtual size: 2.5MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data  Size: 888KB - Virtual size: 2.1MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 20KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc  Size: 1.0MB - Virtual size: 1.0MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 177KB - Virtual size: 176KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ