2024-06-24_f529f4b3b242f2431aa478c08b283eb1_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_f529f4b3b242f2431aa478c08b283eb1_bkransomware
Size

6.7MB
MD5

f529f4b3b242f2431aa478c08b283eb1
SHA1

2bc3f76e8dab61ef0fdafe2c02bac9989a8cd865
SHA256

7b3b328ee4ceca51543e6c2855843350891518223c93a3ea1590c197b0da2a5a
SHA512

457ebd5fe388bb8b962301c6a7bade825b6e428f37e37922435923fc1bb1bd97b4f5275b84be6dfab5de0dfc0d4fb35ef5671d62c92af8456c7b000884035a61
SSDEEP

196608:R4Jo2IbjBObB34O+rLI755u3MM57tGha9yKF:RL2Ig94O+orhM5Iha9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-24_f529f4b3b242f2431aa478c08b283eb1_bkransomware

Files

2024-06-24_f529f4b3b242f2431aa478c08b283eb1_bkransomware
.exe windows:6 windows x86 arch:x86

271c1d0915d63eccdd721a78f10b90d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableW
GetTempFileNameW
EnumResourceNamesW
GlobalMemoryStatus
UnmapViewOfFile
VirtualQuery
SetEndOfFile
FreeLibrary
LoadResource
LoadLibraryExW
SetDllDirectoryW
SystemTimeToFileTime
CompareFileTime
SetEnvironmentVariableW
QueryPerformanceCounter
SetHandleInformation
GlobalLock
ConnectNamedPipe
WaitForSingleObjectEx
GetPrivateProfileStringW
ClearCommBreak
GetCommandLineA
GetSystemDirectoryW
WideCharToMultiByte
SizeofResource
ReadProcessMemory
GetSystemTimeAdjustment
GetFileAttributesA
GetExitCodeProcess
IsProcessorFeaturePresent
Beep
GetFileAttributesW
MulDiv
CreateProcessA
GetSystemDirectoryA
GetTimeZoneInformation
CreateFileW
GetOverlappedResult
ExitThread
SetThreadPriority
GetStartupInfoW
WritePrivateProfileStringW
RaiseException
VerifyVersionInfoW
SetLastError
GetThreadLocale
VirtualAlloc
CreateNamedPipeA
GlobalFree
GetDiskFreeSpaceW
GetLocalTime
LockResource
CreateEventW
RemoveDirectoryW
DeviceIoControl
GetSystemInfo
GetOEMCP
FindNextFileA
IsDebuggerPresent
FindNextFileW
GetStringTypeW
GetCommandLineW
TlsAlloc
DeleteFileW
GetThreadTimes
OpenFileMappingA
LocalFree
GetSystemTime
EnumSystemLocalesW
ResumeThread
DeleteFileA
SetStdHandle
LoadLibraryW
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetStdHandle
GetCPInfo
GetACP
IsValidCodePage
GetProcessHeap
WriteConsoleW
HeapAlloc
HeapSize
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SetEvent
ExitProcess
GetFullPathNameW
IsDBCSLeadByteEx
GetCPInfoExW
FindResourceW
lstrcpyW
CloseHandle
DeleteCriticalSection
VirtualProtect
GetModuleHandleA
GetThreadPriority
GetModuleFileNameA
EnumResourceTypesW
GetExitCodeThread
GetFileType
ResetEvent
SetThreadLocale
GetPrivateProfileIntW
MultiByteToWideChar
FileTimeToSystemTime
lstrcpynW
HeapCreate
HeapDestroy
CreateEventA
Sleep
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetProcessTimes
OpenProcess
SetCommTimeouts
VirtualQueryEx
SetCommState
GetSystemTimeAsFileTime
GetCurrentThread
GetTickCount
SignalObjectAndWait
WaitForSingleObject
HeapFree
InitializeSListHead
WaitNamedPipeA
GetCommState
VerSetConditionMask
SetErrorMode
GetDriveTypeW
RtlCaptureContext
GetLocaleInfoA
SetFilePointer
GetFileSize
GetUserDefaultUILanguage
GetDateFormatW
CreateTimerQueue
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
HeapReAlloc
GetLastError
DecodePointer
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
EncodePointer

user32

SetMenuItemInfoW
GetWindow
CharUpperBuffW
GetMessageW
CharNextW
GetKeyState
DrawIconEx
LoadStringA
AttachThreadInput
CharLowerBuffW
EnumWindows
CreateIconIndirect
DrawFocusRect
GetMenu
MessageBoxA
GetWindowTextW
DrawStateW
EnumChildWindows
ShowWindow
GetSysColorBrush
EnableScrollBar
GetKeyboardType
CreateWindowExW
InsertMenuW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
UpdateWindow
DestroyMenu
GetDlgCtrlID
SetWindowTextW
CheckMenuItem
IsRectEmpty
GetSubMenu
GetWindowInfo
GetMenuItemInfoW
GetDC
InflateRect
CreateDialogIndirectParamA
GetWindowLongW
CharUpperW
DestroyCursor
SendDlgItemMessageW
GetDesktopWindow
DrawMenuBar
GetMenuItemCount
BeginDeferWindowPos
GetClassNameW

gdi32

SetLayout
GetTextExtentPoint32W
SetViewportOrgEx
SetWindowExtEx
CreateFontIndirectW
GetRgnBox
GetRegionData
PlayEnhMetaFile
Ellipse
OffsetRgn
ExtCreateRegion
StretchDIBits
GetTextExtentPointW
GetBkColor
CreateBitmapIndirect
GetCharABCWidthsW
SetStretchBltMode
SetViewportExtEx
SetWinMetaFileBits
PolyPolygon
Arc
GetMetaFileBitsEx
SetTextColor
Polygon
StretchBlt
PtInRegion
SetPolyFillMode
CreatePolygonRgn

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegCloseKey
RegLoadKeyW
RegEnumKeyExW
ControlService
SetSecurityDescriptorOwner
QueryServiceStatus
StartServiceW
LookupPrivilegeValueW
RegQueryValueExW
OpenServiceW
AdjustTokenPrivileges
RegDeleteKeyA
RegOpenKeyExW
RegDeleteValueA
RegOpenKeyExA
RegUnLoadKeyW

shell32

SHGetFileInfoW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW

ole32

CoTaskMemFree

oleaut32

SysAllocStringLen
SafeArrayCreate
VariantCopy
VariantClear
SysReAllocStringLen
SysFreeString
VariantChangeType
VariantInit
SafeArrayGetLBound

Sections

.text
Size: 691KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gTg
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

271c1d0915d63eccdd721a78f10b90d8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 691KB - Virtual size: 691KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.gTg Size: 4KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 691KB - Virtual size: 691KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.gTg
Size: 4KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB