2024-06-09_b4ef95e882fde8174e2c403933235f37_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-06-09_b4ef95e882fde8174e2c403933235f37_bkransomware
Size

6.7MB
MD5

b4ef95e882fde8174e2c403933235f37
SHA1

f12c45141684417134f4f233bfb988653a78ed68
SHA256

538e6f897d7e83021ee8271a1659cc2f0113fdcbd6597d59e36fe8ac7485c091
SHA512

dfd270d9b2ac20a35c049352c2d1c40c99893b64a756c26ec5b7a09ed51786bb010a2d79d00383d34ddb341104c6fd6d59200d395fdfb7f140321823c9d78883
SSDEEP

196608:1tyMQAka4Qfhc6c940VL+45G0XlR8UZmr0rJqxXM:DyMQGfxci0Es8UZmrKJwc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-09_b4ef95e882fde8174e2c403933235f37_bkransomware

Files

2024-06-09_b4ef95e882fde8174e2c403933235f37_bkransomware
.exe windows:6 windows x86 arch:x86

252d30b8ec6f35e2927a90a035cc33b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
Sleep
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
SuspendThread
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetWindowsDirectoryW
WinExec
IsDebuggerPresent
QueryDosDeviceW
GetThreadLocale
GetLastError
SetThreadLocale
SetThreadPriority
HeapCreate
FormatMessageW
SizeofResource
LoadLibraryW
CreateDirectoryW
FindResourceW
EnumCalendarInfoW
GetFileSize
EncodePointer
GetThreadPriority
ResumeThread
FileTimeToSystemTime
HeapDestroy
CompareFileTime
SetErrorMode
VirtualProtect
RtlCaptureContext
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
CreateFileW
SetThreadAffinityMask
GetProcessAffinityMask
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber

user32

GetMessageW
ShowWindow
CreateWindowExW
SendMessageW
UpdateWindow
ShowOwnedPopups
GetDlgItemInt
GetSystemMenu
SetTimer
SendDlgItemMessageA
TrackPopupMenu
RegisterWindowMessageW
IsZoomed
GetParent
MessageBeep
SetFocus
DrawEdge
GetCapture
GetKeyboardState
SetPropA
SetRect
GetWindowLongW
CharNextW
PeekMessageA
MonitorFromWindow
DefWindowProcA
GetSysColor
EnumChildWindows
CreatePopupMenu
PostMessageA
ScrollWindowEx
SetDlgItemTextW
EnableWindow
GetDlgCtrlID
GetMonitorInfoW
DestroyWindow
HideCaret
IsIconic
GetKeyState
CharLowerBuffW
WaitMessage
GetDC
GetScrollInfo
UnionRect
LoadMenuW
DestroyCaret
GetDesktopWindow
RemoveMenu
FlashWindow
SetMenuItemInfoW
GetWindow
SetScrollPos

gdi32

SelectObject
GetClipBox
GetBitmapBits
MoveToEx
GetTextExtentPoint32A
SetPixel
CreateCompatibleDC
RealizePalette
SelectPalette
GetDIBColorTable
GetTextExtentExPointA
GetPixel
GetStockObject
CopyEnhMetaFileA

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegUnLoadKeyW
GetLengthSid
AllocateAndInitializeSid
RegGetKeySecurity
RegConnectRegistryW

shell32

ShellExecuteExW
SHGetFileInfoW
CommandLineToArgvW

oleaut32

SysFreeString
VariantInit

Sections

.text
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

252d30b8ec6f35e2927a90a035cc33b9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 688KB - Virtual size: 687KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 5KB - Virtual size: 5KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 688KB - Virtual size: 687KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 5KB - Virtual size: 5KB

.reloc
Size: 15KB - Virtual size: 15KB