2024-07-05_c6e786a772f7a9caa553c2e0d4349a89_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-05_c6e786a772f7a9caa553c2e0d4349a89_bkransomware
Size

6.7MB
MD5

c6e786a772f7a9caa553c2e0d4349a89
SHA1

ebd55362960ce779005079fccbedacecd1eefb4c
SHA256

6f7b0d7810dbeb9c8e4d865aaf8848274338e14c8b50ca4569b16c43d4ea4610
SHA512

3dabf7eaf14452195f38be685637af1ca216c1b29cf1c00eb40fa9dd7d4e5abb8bceb076cd61914679bf7988e1e409c29991f3509f549ef4b1e3b912c7c6a2a5
SSDEEP

196608:i2muOit6/OhyDcNU7dFusYyXcRSPXRCJIB8g:iRuHoOu7H5YyXcRSPBYg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-05_c6e786a772f7a9caa553c2e0d4349a89_bkransomware

Files

2024-07-05_c6e786a772f7a9caa553c2e0d4349a89_bkransomware
.exe windows:6 windows x86 arch:x86

4ccbeb1bd2acf6266bf2d1e4d96ab7df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
UnregisterWaitEx
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
LoadLibraryExW
ExitThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
TlsFree
TlsSetValue
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCommandLineW
HeapReAlloc
GetLastError
DecodePointer
EncodePointer
EnterCriticalSection
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
CloseHandle
LCMapStringW
GetStringTypeW
GetConsoleMode
CreateFileA
SetFilePointerEx
LoadLibraryW
SetStdHandle
CreateThread
ExpandEnvironmentStringsW
EnumSystemLocalesW
GetSystemTime
DeleteCriticalSection
GetOEMCP
CreateFileMappingA
LoadLibraryA
GetLocalTime
ResetEvent
GlobalFree
SetLastError
IsDBCSLeadByteEx
RaiseException
FlushFileBuffers
GlobalUnlock
GetACP
CreateFileW
TerminateProcess
CreateProcessA
IsProcessorFeaturePresent
LeaveCriticalSection
GetSystemTimeAdjustment
Sleep
GetLocaleInfoW
IsValidLocale
WideCharToMultiByte
GetConsoleCP
OpenProcess
GetProcessTimes
GetCommandLineA
ClearCommBreak
GetWindowsDirectoryA
GetCurrentThread
WaitForSingleObjectEx
ConnectNamedPipe
WaitForSingleObject
SetHandleInformation
GetModuleHandleExW
QueryPerformanceCounter
InitializeSListHead
GetCommState
SetDllDirectoryW
FreeLibrary
GetEnvironmentVariableW
CreateEventW
GetThreadTimes
GetCurrentProcessId
TlsAlloc
FindNextFileA
GetModuleFileNameA
CreatePipe
FindClose
FindFirstFileA
GetStartupInfoW
SetCommTimeouts
SetCommState
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
SetCommBreak
GlobalLock
HeapFree
GetCurrentProcess
WaitNamedPipeA
TlsGetValue
GetNumaHighestNodeNumber
WriteConsoleW

user32

ToAsciiEx
ClientToScreen
DestroyAcceleratorTable
SetWindowRgn
GetMessageW
SendDlgItemMessageA
SetKeyboardState
MsgWaitForMultipleObjects
DrawIconEx
GetWindowInfo
MessageBeep
SetParent
GetClientRect
CreateMenu
BeginPaint
EnumWindows
WaitMessage
GetKeyboardState
GetWindowPlacement
OffsetRect
GetWindowTextA
GetScrollInfo
MessageBoxA
UnregisterClassA
ReleaseDC
DrawStateW
ScrollWindow
SetWindowsHookExA
DestroyCursor
GetSysColor
ShowWindow
SetMenu
CreatePopupMenu
AppendMenuA
CreateWindowExW
MessageBoxW
SystemParametersInfoA
ScrollWindowEx
BeginDeferWindowPos
GetSystemMetrics
SetCaretPos
SendMessageW
UpdateWindow
EndMenu
DestroyMenu
LoadCursorA
GetCaretBlinkTime
DestroyIcon
SetDlgItemTextA
ValidateRect
GetWindowThreadProcessId
IsRectEmpty
EndPaint
DestroyWindow
SetCursor
GetSystemMenu
HideCaret
MapDialogRect
SetCapture
KillTimer
IsZoomed
LoadIconA
DrawEdge
GetDC
ShowCursor
GetKeyboardLayout
CheckMenuRadioItem
InvalidateRect
SetScrollPos
PeekMessageA
EnableMenuItem
GetDlgItem
EndDialog
GetDesktopWindow
CheckDlgButton
DrawMenuBar
FlashWindow
RegisterClassW
SetWindowTextA
ValidateRgn
GetDlgItemTextA
RegisterClassA

gdi32

MoveToEx
SetWindowOrgEx
EndPage
SetLayout
TranslateCharsetInfo
GetWindowOrgEx
GetTextExtentPoint32A
SetViewportOrgEx
SetTextColor
GetCharacterPlacementW
CreateHatchBrush
DeleteDC
GetDIBits
SetBkColor
CopyEnhMetaFileA
CreateBitmap
DeleteObject
SelectClipRgn
CreatePenIndirect
PolyPolyline
PlayEnhMetaFile
CombineRgn
CreateCompatibleBitmap
Rectangle
GetObjectType
GetTextExtentPointW
CreatePolygonRgn
SetPaletteEntries
GetObjectW
GetCharABCWidthsW
SetStretchBltMode
GetTextExtentPointA
CreatePatternBrush
SetROP2
RoundRect
CreateDIBitmap
EndDoc
GetStockObject
SetWinMetaFileBits
ExtTextOutA
RestoreDC
UpdateColors
StretchBlt
GetCharWidth32A
PolyPolygon
Arc
LineTo
GetMetaFileBitsEx
Polygon
CreateHalftonePalette
SetPixel
SelectObject
ExtCreateRegion
SetPolyFillMode
GetDIBColorTable
Polyline
CreatePen
GetClipBox
SetTextAlign
IntersectClipRect
CloseEnhMetaFile
CreateEnhMetaFileW
CreateSolidBrush
SelectPalette
RectVisible

advapi32

AdjustTokenPrivileges
SetSecurityDescriptorOwner
RegDeleteValueA
LookupPrivilegeValueW
RegQueryValueExW
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegDeleteKeyA
EqualSid
CopySid
RegCloseKey

Sections

.text
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UEF
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ccbeb1bd2acf6266bf2d1e4d96ab7df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 706KB - Virtual size: 706KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.UEF Size: 3KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 706KB - Virtual size: 706KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.UEF
Size: 3KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB