2024-07-01_461e481b91a66d6d62df3c8bddbd3a94_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-01_461e481b91a66d6d62df3c8bddbd3a94_bkransomware
Size

6.7MB
MD5

461e481b91a66d6d62df3c8bddbd3a94
SHA1

7df56e81848dcafcb1ec0fb5ebcd05af3a4e16e5
SHA256

90fb3644af30c1804c48d3e10350876da24e9c3afeac4e464ad0cab7b5957e31
SHA512

b8582306f9f2d6256622c1c01f8bb237879ce46ef98d2c443e408da77db09ef77c40a5040bb2650e20ee12c7b7d425dcafd0f8cf8712c6420c996eed0bfaf103
SSDEEP

196608:aPJyyWxfTTM618Q9C8QvB9DnRsM4EFLWcNWtWOpW1:0Sxf3MQkzpFLW9tWOu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-01_461e481b91a66d6d62df3c8bddbd3a94_bkransomware

Files

2024-07-01_461e481b91a66d6d62df3c8bddbd3a94_bkransomware
.exe windows:6 windows x86 arch:x86

e3d53141a2b4cea79eb2ef4f717f8061

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameW
CreateFileA
UnmapViewOfFile
GetDriveTypeW
SetEndOfFile
SetErrorMode
FindResourceW
FreeLibrary
SystemTimeToFileTime
GetCurrentProcess
CompareFileTime
SetEnvironmentVariableW
CreateDirectoryW
SetHandleInformation
WaitForSingleObject
VirtualFree
ExpandEnvironmentStringsA
GetWindowsDirectoryA
VirtualQueryEx
SetCommState
TlsSetValue
OpenProcess
WideCharToMultiByte
LoadLibraryW
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
Sleep
CreateEventA
GetExitCodeProcess
lstrcpynW
Beep
GetFileAttributesW
GetModuleFileNameW
GetSystemDirectoryA
WritePrivateProfileStringW
FlushFileBuffers
RaiseException
SetThreadLocale
FindFirstFileA
CreateNamedPipeA
GlobalFree
GetDiskFreeSpaceW
FindClose
GetLocalTime
LoadLibraryA
CreateFileMappingA
CreatePipe
EnumResourceTypesW
GetModuleFileNameA
FindNextFileA
VirtualProtect
WinExec
CloseHandle
GetWindowsDirectoryW
DeleteFileW
GetCurrentProcessId
GetThreadTimes
EncodePointer
GetSystemTime
EnumSystemLocalesW
SuspendThread
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
WriteFile
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapAlloc
HeapSize
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
CreateFileW
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SignalObjectAndWait
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ReadProcessMemory
GetUserDefaultLangID
SwitchToThread
DeleteFileA
lstrcpyW
FileTimeToLocalFileTime
DeleteCriticalSection
GetUserDefaultUILanguage
GetStringTypeW
FindNextFileW
IsDebuggerPresent
GetThreadPriority
GetSystemInfo
DeviceIoControl
RemoveDirectoryW
GetFileType
ResetEvent
GetThreadLocale
GetTempPathW
GlobalUnlock
MultiByteToWideChar
GetTimeZoneInformation
FileTimeToSystemTime
TerminateProcess
GetVersionExW
FormatMessageW
SizeofResource
GetSystemDirectoryW
IsValidLocale
GetConsoleCP
SetCommTimeouts
ClearCommBreak
GetCommandLineA
GetSystemTimeAsFileTime
GetCurrentThread
WaitForSingleObjectEx
SetCommBreak
GetLogicalDrives
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeSListHead
EnumCalendarInfoW
SystemTimeToTzSpecificLocalTime
VirtualQuery
TlsGetValue
SetFilePointer
GlobalMemoryStatus
GetFileSize
GetCommandLineW
ExitProcess
OpenFileMappingA
GetFullPathNameW
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsAlloc
CreateEventW
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
HeapReAlloc
DuplicateHandle
GetCurrentThreadId
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
DecodePointer
GetLastError

user32

GetWindow
GetWindowThreadProcessId
GetMessageW
CharNextW
IsIconic
AttachThreadInput
GetMenuStringW
CharLowerBuffW
ModifyMenuW
EnumWindows
DrawFocusRect
InflateRect
SetDlgItemInt
GetMenu
MessageBoxA
LoadMenuW
GetClassNameW
DrawStateW
SetWindowLongW
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
CreateWindowExW
InsertMenuW
MessageBoxW
ValidateRgn
SendMessageW
MapWindowPoints
UpdateWindow
EndMenu
DrawFrameControl
IsRectEmpty
EndPaint
CharUpperBuffW
PostMessageW
GetKeyState
GetSubMenu
DrawIconEx
GetDC
CheckMenuRadioItem
MonitorFromWindow
GetDesktopWindow
DrawMenuBar
EnableScrollBar
GetMenuItemCount
SetDlgItemTextW
GetDlgCtrlID
SetWindowTextW
ToUnicode
SetMenuItemInfoW
GetMonitorInfoW
CreateDialogIndirectParamA

gdi32

ExtFloodFill
SetTextColor
CreateHatchBrush
StretchBlt
GetRgnBox
GetEnhMetaFileHeader
PlayEnhMetaFile
CombineRgn
Ellipse
GetBkColor
CreateBitmapIndirect
CreatePatternBrush
SetROP2
SetWinMetaFileBits
CloseEnhMetaFile
CreateEnhMetaFileW
CreatePolygonRgn
SetWindowOrgEx
GetTextExtentPoint32W
SetViewportOrgEx
SetWindowExtEx
PtInRegion
RectInRegion
SetPolyFillMode
GetTextExtentPointW
GetCharABCWidthsW
GetNearestPaletteIndex
PolyPolygon

comdlg32

GetOpenFileNameW
GetSaveFileNameW
FindTextW

advapi32

RegEnumKeyExW
RegSetKeySecurity
RegDeleteValueA
RegConnectRegistryW
RegOpenKeyExA
LookupPrivilegeValueW
RegDeleteKeyA
RegQueryInfoKeyW
OpenSCManagerW
OpenProcessToken
RegLoadKeyW
SetSecurityDescriptorOwner
RegUnLoadKeyW
AdjustTokenPrivileges
RegGetKeySecurity
SetSecurityDescriptorDacl
CloseServiceHandle
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
CommandLineToArgvW
ExtractIconExW

ole32

CoInitialize

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SysReAllocStringLen
SysFreeString
VariantChangeType
SysAllocStringLen
SafeArrayCreate

Sections

.text
Size: 744KB - Virtual size: 743KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FvDxs
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3d53141a2b4cea79eb2ef4f717f8061

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 744KB - Virtual size: 743KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.FvDxs Size: 3KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 744KB - Virtual size: 743KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.FvDxs
Size: 3KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB