2024-07-01_037e83b8741f16754c000ac76fa800b4_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-01_037e83b8741f16754c000ac76fa800b4_bkransomware
Size

137KB
MD5

037e83b8741f16754c000ac76fa800b4
SHA1

c41d16b3a93b669bbf8d601ea586ffc944cd63a3
SHA256

31f6907c3771f2adef79233f0ae455536c83ad84d4098dc7982360162790b407
SHA512

3e72b22a7cd14058aaebc2fcf349db199f5f64489f23c025ded3c08537846471100a9fd43da20ffc7031e1d4a04ccd7de934b084fc98384b3ba067e08ec22f8a
SSDEEP

3072:B0SS0eMNiKpKMFkFgSLz/DFj0y939UUEUMUHCWc7T:B04vZIh9Er7T

Score

1^/10

Malware Config

Signatures

Files

2024-07-01_037e83b8741f16754c000ac76fa800b4_bkransomware
.exe windows:5 windows x86 arch:x86

e4e575f1710ef22bfbc84de968665cbc

Code Sign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/06/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:21:86:49:f1:63:69:fa:77:67:a5:5a:e9:72:ca:f8
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/02/2022, 00:00

Not After

16/02/2023, 23:59

Subject

SERIALNUMBER=145214,CN=ACCOPS SYSTEMS PRIVATE LIMITED,OU=Accops Systems Pvt. Ltd.,O=ACCOPS SYSTEMS PRIVATE LIMITED,L=Pune,ST=Maharashtra,C=IN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302494e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

93:e1:e4:27:74:0c:85:18:89:8a:cd:de:df:66:ea:f1:bc:a6:41:1c
Signer

Actual PE Digest

93:e1:e4:27:74:0c:85:18:89:8a:cd:de:df:66:ea:f1:bc:a6:41:1c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Workspace\HySecureClient\Setup\common-bin\hlnsetup32.pdb

Imports

ws2_32

WSCInstallProvider
WSCEnumProtocols
WSACleanup
WSCEnableNSProvider
WSCUnInstallNameSpace
WSCInstallNameSpace
WSCDeinstallProvider
WSCWriteProviderOrder
WSCGetProviderPath
WSAStartup

rpcrt4

UuidCreate

ole32

StringFromGUID2

shlwapi

PathFileExistsA

kernel32

GetStringTypeW
LCMapStringW
GetCurrentProcessId
GetLastError
EnterCriticalSection
LeaveCriticalSection
Sleep
WriteFile
ReadFile
CloseHandle
OutputDebugStringA
WideCharToMultiByte
GetConsoleCP
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
SetEvent
CreateEventA
GetSystemDirectoryA
CopyFileA
GetProcAddress
LoadLibraryA
GetVersionExA
MultiByteToWideChar
ExpandEnvironmentStringsA
DeleteFileA
lstrcpyW
ExpandEnvironmentStringsW
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
LoadLibraryW
HeapReAlloc
HeapSize
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileW
ReadConsoleW
OutputDebugStringW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
GetProcessHeap
RtlUnwind
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

wsprintfA
wvsprintfA

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4e575f1710ef22bfbc84de968665cbc

Code Sign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

0b:21:86:49:f1:63:69:fa:77:67:a5:5a:e9:72:ca:f8Certificate

Extended Key Usages

Key Usages

93:e1:e4:27:74:0c:85:18:89:8a:cd:de:df:66:ea:f1:bc:a6:41:1cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

rpcrt4

ole32

shlwapi

kernel32

user32

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

0b:21:86:49:f1:63:69:fa:77:67:a5:5a:e9:72:ca:f8
Certificate

93:e1:e4:27:74:0c:85:18:89:8a:cd:de:df:66:ea:f1:bc:a6:41:1c
Signer

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB