2024-06-09_e3f7fe844b58464f359bad53b4542a4d_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-09_e3f7fe844b58464f359bad53b4542a4d_bkransomware
Size

6.7MB
MD5

e3f7fe844b58464f359bad53b4542a4d
SHA1

3ec8ce904be211ea5e8416e0f43250d4929f06ca
SHA256

839ed40c1d7df263c83ed07df78466bbecab9b1e234090f196837de16cbe083e
SHA512

dfbc7cfae99d45201df8eb52c0af1f56da31b9ed85686fc62a953abaf28a6aa8aa124d3d9d0be4b4a85ac440d0b6850dbcb459c4ad5cf3fa77eb804d113a765e
SSDEEP

196608:3G2JB2q7ZArQ1nmc/a5nBywNAyT24DWGlKxfXXaqIj:LTd7ZArwa5UnL4DkwqIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-09_e3f7fe844b58464f359bad53b4542a4d_bkransomware

Files

2024-06-09_e3f7fe844b58464f359bad53b4542a4d_bkransomware
.exe windows:6 windows x86 arch:x86

699c5b087e721f0127d24255618b1428

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
MapViewOfFile
GetCurrentThread
ExpandEnvironmentStringsA
ClearCommBreak
SetCommState
TlsSetValue
IsValidLocale
GetModuleFileNameW
CreateFileW
RaiseException
GetPrivateProfileIntW
IsDBCSLeadByteEx
ResetEvent
CreateFileMappingA
QueryDosDeviceW
GetStringTypeW
VirtualProtect
DeleteCriticalSection
OpenFileMappingA
Sleep
SetStdHandle
LoadLibraryW
EnumResourceNamesW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
GetEnvironmentVariableW
EnumSystemLocalesW
DeleteFileW
GetModuleFileNameA
CreatePipe
LoadLibraryA
EnterCriticalSection
FindFirstFileA
GetStartupInfoW
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetProcessTimes
SetDllDirectoryW
SetEnvironmentVariableW
LoadResource
SetEndOfFile
VirtualQuery
TlsGetValue
CreateFileA
SetFilePointerEx
GetTempFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
WriteConsoleW
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThreadId
GetExitCodeThread
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TerminateProcess
TlsAlloc
TlsFree
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapAlloc
GetProcessHeap
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType

user32

GetMessageW
ShowWindow
CreateWindowExW
SendMessageW
DestroyAcceleratorTable
CharNextW
GetMenuStringW
CreateIconIndirect
GetWindowTextW
DrawStateW
UpdateWindow
GetKeyboardType
InsertMenuW
SetDlgItemTextW
GetMonitorInfoW
GetWindow
EndPaint
LoadStringA
GetWindowInfo
DrawTextExW
GetMenuItemInfoW
GetDC
CreateDialogIndirectParamA
MonitorFromWindow
SendDlgItemMessageW
GetDesktopWindow
DrawMenuBar
ToUnicode
EnumChildWindows

gdi32

ExtCreateRegion
SetROP2
CreatePolygonRgn
GetMetaFileBitsEx
StretchBlt
GetRegionData
SetPolyFillMode
CreateBitmapIndirect
GetObjectW
CreateEnhMetaFileW
CombineRgn

comdlg32

FindTextW

advapi32

RegLoadKeyW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteExW
ShellExecuteW
CommandLineToArgvW

oleaut32

SysAllocStringLen
SafeArrayCreate

Sections

.text
Size: 721KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

699c5b087e721f0127d24255618b1428

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 721KB - Virtual size: 721KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 721KB - Virtual size: 721KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 15KB - Virtual size: 14KB