2024-06-28_da90f7bd175ca776422cc6815de49bdf_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-28_da90f7bd175ca776422cc6815de49bdf_bkransomware
Size

2.0MB
MD5

da90f7bd175ca776422cc6815de49bdf
SHA1

8ffabd517c8904267e0953214c25fcd36dc424cb
SHA256

1844ef9a0cef52e4b2f4bdadab6d723fccbfe70f275c351e8434a6da4eb0dcfa
SHA512

c473dcef053ea1d56f0c9a6d67e00e403ed15df6a7ff599231d8c16cf6312a2278224d615fde755918634c2ff31bc70d46d48439e50e5f63a0d95ccf5c47cd35
SSDEEP

24576:fTxD/xc95ggW5NFD8jJncNwV3M3yec020gBzlcvOKkNnXJ9skmpaDQlxChzEXvXh:bxDZcLW5z00c020gBzlcCVSnIKvXgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-28_da90f7bd175ca776422cc6815de49bdf_bkransomware

Files

2024-06-28_da90f7bd175ca776422cc6815de49bdf_bkransomware
.exe windows:5 windows x86 arch:x86

ccb7d5cb39d5adde8db4ece39908e17f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\NetAccerAWSDLL13\Release\NetAccerAWS.pdb

Imports

kernel32

UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
CreateThread
ExitThread
HeapQueryInformation
VirtualAlloc
VirtualProtect
VirtualQuery
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateSemaphoreW
IsValidCodePage
GetOEMCP
GetCPInfo
SetFilePointer
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
GetTimeZoneInformation
OutputDebugStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualFree
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GetThreadLocale
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FormatMessageW
MulDiv
LocalFree
GlobalUnlock
SetThreadPriority
CreateEventW
SetEvent
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
DeleteCriticalSection
GetDriveTypeW
GetDiskFreeSpaceW
WaitForSingleObject
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
GetCurrentProcessId
GetEnvironmentVariableW
FreeLibrary
GetProcAddress
LoadLibraryExW
GetModuleFileNameW
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
GetSystemInfo
GetCommandLineW
LockResource
LoadResource
SizeofResource
GetLastError
FindResourceW
GetModuleHandleW
GetTickCount
Sleep
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryW
InitializeCriticalSection

user32

GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetCursor
GetActiveWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
SetWindowsHookExW
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
ShowWindow
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsChild
IsWindow
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
RegisterWindowMessageW
MapDialogRect
SendMessageW
GetCursorPos
FindWindowW
FindWindowExW
GetWindow
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
IsWindowEnabled
GetParent
SendDlgItemMessageA
UnregisterClassW
SetWindowTextW
IsDialogMessageW
PtInRect
SetWindowRgn
MoveWindow
GetCapture
PostMessageW
LoadIconW
GetSystemMetrics
DefWindowProcW
LoadCursorW
RegisterClassExW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CreateWindowExW
EnableWindow
InvalidateRect
UpdateWindow
MessageBoxW
CreatePopupMenu
AppendMenuW
GetDC
GetSystemMenu
IsIconic
GetClientRect
DrawIcon
GetWindowRect
LoadBitmapW
PostThreadMessageW
RegisterClipboardFormatW
CharUpperW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
OffsetRect
CharNextW
KillTimer
SetTimer
RealChildWindowFromPoint
DestroyMenu
SetCapture
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsWindowVisible
ReleaseCapture

gdi32

ExtTextOutW
DeleteObject
Escape
GetClipBox
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectObject
SetBkMode
SetMapMode
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetDeviceCaps
CreateBitmap
SetTextColor
SetBkColor
DeleteDC
GetStockObject
CreateFontW
CombineRgn
GetPixel
CreateRectRgn
StretchBlt
CreateCompatibleDC
GetObjectW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegSetValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW
SHChangeNotify

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

ole32

CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoTaskMemFree
CoCreateInstance
CoUninitialize
OleUninitialize
OleInitialize
CoCreateGuid
CoInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoRevokeClassObject

oleaut32

SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
VariantCopy
SysAllocStringLen

oledlg

OleUIBusyW

ws2_32

htonl
WSAAsyncSelect
WSAIoctl
inet_ntoa
socket
WSAGetLastError
setsockopt
htons
bind
listen
closesocket
accept
recv
connect
WSAStartup
inet_addr
send
gethostbyname

psapi

EnumProcessModules
GetModuleFileNameExW

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 593KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccb7d5cb39d5adde8db4ece39908e17f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

psapi

oleacc

Sections

.text Size: 593KB - Virtual size: 592KB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 19KB - Virtual size: 45KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 37KB - Virtual size: 37KB

.text
Size: 593KB - Virtual size: 592KB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 19KB - Virtual size: 45KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 37KB - Virtual size: 37KB