2024-07-01_71bf676ae80afa9f2577d2eae6a133ae_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-01_71bf676ae80afa9f2577d2eae6a133ae_bkransomware
Size

6.7MB
MD5

71bf676ae80afa9f2577d2eae6a133ae
SHA1

0fedcfbd17c9a11a97ce5c6b984926b5a510f533
SHA256

9f803c1fd9944d0050032ecd983de008c13c0e939e66d13c1d138551d290be99
SHA512

f8150af3a932ead9e6968569978ddba194b6355d4ac65bfcd7e54302e2f7f4b944c27baf3763297f5edc2d8eddb89bafea2489a79e1a77c695cc65fd967cf545
SSDEEP

196608:E71Qk81TbJCLnVnNaADRBScUYNeHE+T1EwSyuY:EBN8VbJIjSSNeqwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-01_71bf676ae80afa9f2577d2eae6a133ae_bkransomware

Files

2024-07-01_71bf676ae80afa9f2577d2eae6a133ae_bkransomware
.exe windows:6 windows x86 arch:x86

a0c257110d940e4cad81556fa54b1fe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
EnumResourceNamesW
CreateFileA
TlsGetValue
RtlCaptureContext
UnmapViewOfFile
SetErrorMode
FindResourceW
SystemTimeToTzSpecificLocalTime
EnumCalendarInfoW
VerSetConditionMask
WaitNamedPipeA
GetCurrentProcess
CompareFileTime
GetModuleHandleExW
WaitForSingleObject
GetLogicalDrives
SetCommBreak
ConnectNamedPipe
GetWindowsDirectoryA
SetCommState
GetCommandLineA
SetCommTimeouts
GetConsoleCP
InitializeCriticalSectionAndSpinCount
Sleep
GetSystemTimeAdjustment
HeapDestroy
LeaveCriticalSection
GetExitCodeProcess
IsProcessorFeaturePresent
CreateProcessA
FileTimeToSystemTime
ExitThread
MultiByteToWideChar
GetStartupInfoW
GetTempPathW
RaiseException
GetCPInfoExW
SetLastError
VirtualAlloc
CreateFileMappingA
CreateEventW
RemoveDirectoryW
QueryDosDeviceW
DeviceIoControl
CreatePipe
GetModuleFileNameA
GetOEMCP
GetModuleHandleA
GetThreadPriority
WinExec
TlsAlloc
FileTimeToLocalFileTime
GetCurrentProcessId
GetThreadTimes
TlsFree
EnumSystemLocalesW
lstrcpyW
ExpandEnvironmentStringsW
CreateThread
SetStdHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualFree
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetACP
IsDebuggerPresent
GetProcessHeap
HeapAlloc
WriteConsoleW
HeapSize
WideCharToMultiByte
IsValidCodePage
SizeofResource
LoadLibraryExW
DeleteFileA
ResumeThread
OpenFileMappingA
GetVersion
GetStringTypeW
FindNextFileA
EnumResourceTypesW
GetLocalTime
EnterCriticalSection
CreateNamedPipeA
FindFirstFileA
SetThreadLocale
GetPrivateProfileIntW
CreateFileW
GetTimeZoneInformation
GetFileAttributesW
GetFileAttributesA
LoadLibraryW
ReadProcessMemory
VirtualQueryEx
OpenProcess
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetEnvironmentStringsW
QueryPerformanceCounter
SystemTimeToFileTime
FreeLibrary
GetSystemDefaultUILanguage
GetCPInfo
MapViewOfFile
GetLocaleInfoA
SetFilePointer
FindFirstFileW
VirtualProtect
GlobalMemoryStatus
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
CloseHandle
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
HeapFree

user32

CheckMenuItem
GetWindow
GetDlgItemInt
CharUpperBuffW
IsIconic
DrawIconEx
AttachThreadInput
GetMenu
MessageBoxA
GetWindowLongW
DrawStateW
CharUpperW
DestroyCursor
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
DrawMenuBar
GetMenuItemCount
CreateWindowExW
MessageBoxW
BeginDeferWindowPos
SendMessageW
UpdateWindow
ToUnicode
CopyRect
LoadMenuW
LoadStringA
CharLowerBuffW
DrawTextExW
GetDC
GetWindowTextW
SetWindowLongW
GetDesktopWindow
DestroyMenu
GetDlgCtrlID
SetWindowTextW
GetMonitorInfoW
GetMessageW

gdi32

SetLayout
Arc
StretchBlt
GetEnhMetaFileHeader
PlayEnhMetaFile
OffsetRgn
StretchDIBits
GetBkColor
GetCharABCWidthsW
SetStretchBltMode
CloseEnhMetaFile
RectInRegion
GetTextExtentPoint32W
SetWindowExtEx
CreateHatchBrush
CreateFontIndirectW
GetRgnBox
SetViewportExtEx
SetROP2
SetWinMetaFileBits
CreatePolygonRgn

comdlg32

GetOpenFileNameW

advapi32

AdjustTokenPrivileges
RegEnumKeyExW
QueryServiceStatus
RegOpenKeyExA
OpenProcessToken
RegUnLoadKeyW
RegCloseKey
RegOpenKeyExW
RegGetKeySecurity
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegQueryValueExW
RegSetValueExW

shell32

SHGetFileInfoW
Shell_NotifyIconW

ole32

CoTaskMemFree

oleaut32

SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantChangeType
SafeArrayCreate
VariantCopy
SafeArrayGetLBound
VariantClear
SysAllocStringLen
VariantInit
SysReAllocStringLen

Sections

.text
Size: 681KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZkClh
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0c257110d940e4cad81556fa54b1fe8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 681KB - Virtual size: 681KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.ZkClh Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 681KB - Virtual size: 681KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.ZkClh
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB