2024-06-25_7c44572e5e1e0c4a599e83b79d56afb4_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-25_7c44572e5e1e0c4a599e83b79d56afb4_bkransomware
Size

6.7MB
MD5

7c44572e5e1e0c4a599e83b79d56afb4
SHA1

db84c726f64c191d2a08ae6903d2a3b2cf35efd3
SHA256

14687ac5e28ef7d5e9266c1e73ff30c82c00ae65dd76e25c520b51e2229f2309
SHA512

377d4d51cce58d653e7f1ec52cb5a3a36a040a36f964daaa6a43422bd276bd975a99319ba138231b158668ee10b2ea4d76ee5557d5724085d4e1c38fe82d1f50
SSDEEP

196608:1SdZNSgDdqNUrTHHU0C/jkBog7UjrsV/oS8rf8FIiuSYpbX:1mXSgDdr8+VDM0FIfb

Score

10^/10

Malware Config

Signatures

Detects executables packed with VMProtect. 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_VMProtect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-25_7c44572e5e1e0c4a599e83b79d56afb4_bkransomware

Files

2024-06-25_7c44572e5e1e0c4a599e83b79d56afb4_bkransomware
.exe windows:5 windows x86 arch:x86

4e7fdab5a4937ced3bda281031c13b2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
TerminateProcess
GetOEMCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
lstrlenA
GetACP
IsValidCodePage
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
HeapQueryInformation
ExitThread
CreateThread
GetFileType
SetStdHandle
RtlUnwind
HeapReAlloc
GetModuleHandleExW
CreateDirectoryW
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
FindResourceExW
SetErrorMode
SearchPathW
GetWindowsDirectoryW
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
MoveFileW
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
FlushFileBuffers
FindFirstFileW
FindClose
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
VerifyVersionInfoW
VerSetConditionMask
LocalReAlloc
LocalAlloc
GlobalHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
lstrcmpA
GetProfileIntW
ReplaceFileW
SetFileTime
GetTempFileNameW
GetFullPathNameW
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
GetThreadLocale
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GetCurrentThreadId
FreeResource
OutputDebugStringA
SetLastError
CopyFileW
FormatMessageW
LocalFree
FreeLibrary
LoadLibraryW
lstrcpyW
GetShortPathNameW
lstrcpynW
ExitProcess
SetCurrentDirectoryW
GetCurrentDirectoryW
GetCurrentProcessId
GetCommandLineW
DeleteFileW
GetModuleHandleW
MulDiv
GlobalSize
GlobalReAlloc
GlobalFree
InterlockedExchange
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
MultiByteToWideChar
GetTickCount
GetTempPathW
GetTempPathA
WriteProcessMemory
GetCurrentProcess
ReadProcessMemory
VirtualProtect
GetProcAddress
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
lstrlenW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
CloseHandle
CreateFileW
ReadFile
WriteFile
SetFilePointer
GetFileSize
CreateFileA
AreFileApisANSI
DeleteCriticalSection
DecodePointer
SetFileAttributesA
EnterCriticalSection
HeapSize
GetLastError
CreateDirectoryA
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetProcessHeap
HeapFree
HeapAlloc

user32

SetCursorPos
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetNextDlgGroupItem
PostThreadMessageW
CharNextW
InvalidateRgn
CopyAcceleratorTableW
SetParent
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
MessageBeep
DeleteMenu
CharUpperW
IsZoomed
TrackMouseEvent
RealChildWindowFromPoint
SendDlgItemMessageA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuItemInfoW
DrawIconEx
DrawFocusRect
GetSysColorBrush
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetMessageW
RegisterClipboardFormatW
SetWindowRgn
DrawIcon
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
MapVirtualKeyW
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
DestroyMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IsIconic
GetIconInfo
CopyImage
LoadImageW
DestroyIcon
SetRectEmpty
LoadMenuW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
LockWindowUpdate
TrackPopupMenu
SetMenu
GetMenu
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
PeekMessageW
RegisterWindowMessageW
UnhookWindowsHookEx
EndPaint
BeginPaint
GetLastActivePopup
GetWindowThreadProcessId
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
DrawStateW
IsDialogMessageW
GetWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
IsWindowEnabled
SetFocus
GetDlgCtrlID
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
RemoveMenu
InsertMenuW
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringW
CreateWindowExW
SetForegroundWindow
UnregisterClassW
SendMessageW
GetWindowLongW
InvalidateRect
GetSysColor
AppendMenuW
CreatePopupMenu
MessageBoxA
EnableMenuItem
GetMenuItemID
GetSystemMenu
LoadIconW
MessageBoxW
LoadBitmapW
UnregisterHotKey
RegisterHotKey
RedrawWindow
FindWindowExW
GetAsyncKeyState
SetWindowsHookExW
CallNextHookEx
CopyIcon
GetWindowRgn
DestroyCursor
HideCaret
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
SubtractRect
WindowFromPoint
ClientToScreen
CopyRect
GetDoubleClickTime
DispatchMessageW
TranslateMessage
WaitMessage
ModifyMenuW
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
GetUpdateRect
SetClassLongW
GetForegroundWindow
DestroyAcceleratorTable
GetWindowRect
GetClientRect
IsWindowVisible
GetSystemMetrics
ShowScrollBar
SetWindowLongW
EnableWindow
wsprintfA
wsprintfW
GetClassNameW
EnumChildWindows
UpdateWindow
GetWindowDC
ReleaseDC
SystemParametersInfoW
GetDC
FillRect
FrameRect
DrawEdge
InflateRect
DrawTextW
SetCursor
LoadCursorW
SetRect
IsWindow
GetClassInfoW
DefWindowProcW
GetParent
IntersectRect
GetKeyState
KillTimer
GetCursorPos
ScreenToClient
IsClipboardFormatAvailable
GetMessagePos
GetFocus
PostMessageW
PtInRect
InvertRect
SetCapture
ClipCursor
SetTimer
GetCapture
ReleaseCapture
TabbedTextOutW
DrawTextExW
GrayStringW
DrawFrameControl
IsRectEmpty
OffsetRect
CharUpperBuffW

gdi32

MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateEllipticRgn
Ellipse
DPtoLP
LPtoDP
GetMapMode
SetRectRgn
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateDIBitmap
EnumFontFamiliesW
CreateRoundRectRgn
RealizePalette
SetPixel
GetRgnBox
OffsetRgn
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
EnumFontFamiliesExW
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
SetPixelV
GetTextFaceW
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
SetTextAlign
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
GetTextCharsetInfo
DeleteDC
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
CreateDCW
CopyMetaFileW
Rectangle
RoundRect
PatBlt
GetTextMetricsW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateFontW
CreatePen
BitBlt
GetBkColor
GetDeviceCaps
GetCurrentObject
GetDIBColorTable
GetTextExtentPoint32W
CreateFontIndirectW
StretchBlt
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC
SetDIBColorTable
SelectObject
GetObjectW
GetStockObject
FillRgn
GetWindowOrgEx
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
DeleteObject
LineTo

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegOpenKeyExW
SetFileSecurityW
GetFileSecurityW
RegSetValueExW

shell32

Shell_NotifyIconW
SHFileOperationW
DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
SHGetDesktopFolder
SHBrowseForFolderW

comctl32

ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetImageInfo
InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFileExistsW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
OpenThemeData
DrawThemeBackground
CloseThemeData
IsAppThemed
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
IsAccelerator
OleTranslateAccelerator
OleDuplicateData
ReleaseStgMedium
CLSIDFromString
OleDraw
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
DoDragDrop
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoCreateGuid
CLSIDFromProgID
CoDisconnectObject
CoInitializeEx
CoGetClassObject
OleRun
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoRegisterMessageFilter
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoTaskMemAlloc
StgCreateDocfileOnILockBytes

oleaut32

VariantCopy
SysStringLen
SysAllocString
SafeArrayCreate
SafeArrayPutElement
VariantChangeType
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
SafeArrayAccessData
SafeArrayUnaccessData
VarDateFromStr
VariantInit
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetUBound
SafeArrayGetLBound
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysAllocStringLen
VariantClear
SysFreeString
GetErrorInfo

oledlg

OleUIBusyW

urlmon

UrlMkSetSessionOption

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipDrawImageRectI

wininet

InternetGetCookieExW

ws2_32

WSAGetLastError
htons
inet_addr
socket
WSACleanup
WSAStartup
getsockopt
select
connect
ioctlsocket
closesocket

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

mciGetErrorStringW
mciSendStringW
PlaySoundW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 385KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 603KB - Virtual size: 602KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e7fdab5a4937ced3bda281031c13b2e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

urlmon

gdiplus

wininet

ws2_32

oleacc

imm32

winmm

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 385KB - Virtual size: 384KB

.data Size: 28KB - Virtual size: 152KB

.vmp0 Size: 603KB - Virtual size: 602KB

.reloc Size: 142KB - Virtual size: 141KB

.rsrc Size: 3.9MB - Virtual size: 3.9MB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 385KB - Virtual size: 384KB

.data
Size: 28KB - Virtual size: 152KB

.vmp0
Size: 603KB - Virtual size: 602KB

.reloc
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 3.9MB - Virtual size: 3.9MB