2024-07-03_cba1e94d122f9719b6a19c3c40528b38_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-03_cba1e94d122f9719b6a19c3c40528b38_bkransomware
Size

6.7MB
MD5

cba1e94d122f9719b6a19c3c40528b38
SHA1

0c7d9b9991d46d14791aef811f7a1eb2c83ac2a4
SHA256

b842f0574558d08e5581f3a8c014db8549241e5c0db476a16b86d27860eef150
SHA512

3a79cad548433b7c2f19e396cb04e8c7e71e9d8ec140978f4179763eb84de5a64befc757643fe3b9421714f24c1c0a146155c0853dea6b26766ac8034d9330d1
SSDEEP

196608:mCJY1vL+V/+J2CD7enIrJ49PoGWmwaN+qg+e:mzz+V/1YenIu9PoGp4q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-03_cba1e94d122f9719b6a19c3c40528b38_bkransomware

Files

2024-07-03_cba1e94d122f9719b6a19c3c40528b38_bkransomware
.exe windows:6 windows x86 arch:x86

56d8d2610ace758d8850fce62640d523

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
QueryDepthSList
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
RaiseException
GetCommandLineW
HeapReAlloc
GetLastError
DecodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
UnregisterWaitEx
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
SwitchToThread
GetFileSize
lstrcpyW
ResumeThread
DeleteFileW
FileTimeToLocalFileTime
GetWindowsDirectoryW
WinExec
GetThreadPriority
GetSystemInfo
DeviceIoControl
RemoveDirectoryW
LockResource
GetDiskFreeSpaceW
SetThreadLocale
VerifyVersionInfoW
GetTempPathW
WritePrivateProfileStringW
SetThreadPriority
lstrcpynW
GetExitCodeProcess
HeapDestroy
GetVersionExW
ReadProcessMemory
SizeofResource
Sleep
LoadLibraryW
GetSystemDirectoryW
VirtualQueryEx
GetUserDefaultLCID
SystemTimeToTzSpecificLocalTime
FindResourceW
SetErrorMode
GetDriveTypeW
RtlCaptureContext
GetTempFileNameW
EncodePointer
EnumCalendarInfoW
SuspendThread
GetVersion
GetCPInfoExW
ExitThread
GetFileAttributesW
FormatMessageW
SignalObjectAndWait
VerSetConditionMask
LoadResource
DeleteTimerQueueTimer
WaitForSingleObject
DuplicateHandle
CloseHandle
CreateFileW

user32

GetKeyboardType
ShowOwnedPopups
SetWindowRgn
GetSystemMenu
CharUpperBuffW
CreateDialogParamA
GetMessageW
PostQuitMessage
TrackPopupMenu
SetCapture
PostMessageW
KillTimer
DeleteMenu
GetParent
AttachThreadInput
LoadIconA
RemovePropA
SetParent
GetClientRect
CreateMenu
DrawTextExW
SetFocus
DrawEdge
ModifyMenuW
GetQueueStatus
GetWindowTextA
SetPropA
SetRect
MessageBoxA
UnionRect
InvalidateRect
UnregisterClassA
GetWindowTextW
PeekMessageA
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
ScrollWindow
SetWindowLongW
SetWindowsHookExA
RedrawWindow
SendDlgItemMessageW
CheckMenuItem
EnumChildWindows
ShowWindow
CreatePopupMenu
GetSysColorBrush
AppendMenuA
IsWindow
CheckDlgButton
CreateWindowExW
InsertMenuW
SetCaretPos
InsertMenuA
SetWindowTextA
SetDlgItemTextW
SendMessageW
MapWindowPoints
UpdateWindow
EnableWindow
LoadCursorA
GetCaretBlinkTime
SetWindowTextW
SetMenuItemInfoW
SetDlgItemTextA
GetMonitorInfoW
RegisterClassA
IsIconic
IsZoomed
RegisterClassW
ToAsciiEx
GetMessageA
SendDlgItemMessageA
MsgWaitForMultipleObjects
MessageBeep
GetMenuStringW
GetMenuItemInfoW
BeginPaint
SetScrollRange
WaitMessage
GetDC
SetDlgItemInt
OffsetRect
SetWindowLongA
EnableMenuItem
CharUpperW
GetDesktopWindow
GetSysColor
IsDlgButtonChecked
GetMenuItemCount
CreateCaret
PostMessageA
FlashWindow
ReleaseCapture
GetSystemMetrics
GetDlgCtrlID
GetDlgItemTextA
DialogBoxParamA
SetScrollInfo

gdi32

GetBitmapBits
MoveToEx
BitBlt
TranslateCharsetInfo
GetTextExtentPoint32A
SetTextColor
CreateFontIndirectA
GetDIBits
SetBkColor
ExcludeClipRect
GdiFlush
CreatePalette
CreateBitmap
DeleteObject
SelectObject
CreatePenIndirect
GetObjectType
SelectPalette
CreateRectRgn
GetCharWidth32A
GetTextExtentPointA
GetCharABCWidthsFloatA
GetSystemPaletteEntries
RoundRect
GetPixel
GetStockObject
ExtTextOutA
RestoreDC
TextOutA
PatBlt
ExtCreatePen
GetTextExtentPoint32W
CreateFontA
CopyEnhMetaFileA
SelectClipRgn
SetMapMode
Rectangle
CreateBrushIndirect
SetTextAlign
IntersectClipRect
EndDoc
UpdateColors
CreateDIBitmap

comdlg32

FindTextW

advapi32

RegSetValueExW
RegLoadKeyW
GetUserNameA
AllocateAndInitializeSid
ChangeServiceConfigW
RegGetKeySecurity
InitializeSecurityDescriptor
RegQueryInfoKeyW
OpenServiceW
CloseServiceHandle
RegUnLoadKeyW
RegEnumKeyExW
ControlService
GetLengthSid
RegSetKeySecurity
RegConnectRegistryW
QueryServiceStatus
EqualSid

shell32

CommandLineToArgvW
ShellExecuteW
ExtractIconExW
Shell_NotifyIconW

ole32

CoInitialize

oleaut32

SafeArrayPtrOfIndex
SysAllocStringLen
VariantInit
VariantClear
SafeArrayCreate
SysReAllocStringLen
VariantCopy

Sections

.text
Size: 715KB - Virtual size: 715KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nian
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56d8d2610ace758d8850fce62640d523

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 715KB - Virtual size: 715KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 8KB

.nian Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 715KB - Virtual size: 715KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 8KB

.nian
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB