2024-07-06_ce1c994a923376d4b9d038c55649202e_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-06_ce1c994a923376d4b9d038c55649202e_bkransomware
Size

6.8MB
MD5

ce1c994a923376d4b9d038c55649202e
SHA1

05142badd650b0c8c6d021c790b05fef69072db8
SHA256

d114493c711c531ea6d8d1c84ccff59a9d5d2186100f8a9ac8259e38ae0d2827
SHA512

8ff3c8db4e8fe9751cbf2e286133024347cc5627be8d09986001c95922edecfe5f03ffa24d01fe583d5a2e80d57209df9a47ac5ca9ffb60a03f385c8cc8d5502
SSDEEP

196608:66pQ+oXF6vg4VsMod76Ac/GB5OkGXNsW3cZrGV:vBoUVsH7AAOxXNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-06_ce1c994a923376d4b9d038c55649202e_bkransomware

Files

2024-07-06_ce1c994a923376d4b9d038c55649202e_bkransomware
.exe windows:6 windows x86 arch:x86

54e4f796a099e3376cb1529315d2d727

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
GetVersion
GetCurrentProcessId
GetThreadTimes
CreateThread
GetFileAttributesW
GetFullPathNameW
EnumResourceNamesW
GlobalMemoryStatus
FindFirstFileW
TlsGetValue
GetLocaleInfoA
GetCPInfo
VirtualQuery
GetCommState
GetCurrentProcess
InitializeSListHead
SetEnvironmentVariableW
QueryPerformanceCounter
SetHandleInformation
GetTickCount
GetProcessTimes
TlsSetValue
OpenProcess
InitializeCriticalSectionAndSpinCount
Sleep
GetSystemTimeAdjustment
HeapDestroy
LeaveCriticalSection
Beep
TerminateProcess
SetThreadPriority
WritePrivateProfileStringW
GetCPInfoExW
IsDBCSLeadByteEx
GetThreadLocale
ResetEvent
CreateFileMappingA
GetFileType
GetModuleHandleA
DeleteCriticalSection
GetSystemTime
DeleteFileA
ExpandEnvironmentStringsW
SwitchToThread
WriteConsoleW
GetStringTypeW
LoadLibraryW
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
GetVersionExW
FreeLibraryAndExitThread
FreeLibrary
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
GetModuleFileNameW
GetStdHandle
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
CreateFileW
GetProcessAffinityMask
FindNextFileW
GetOEMCP
EnumResourceTypesW
CreatePipe
DeviceIoControl
CreateEventW
GetExitCodeThread
GetLocalTime
GlobalFree
CreateNamedPipeA
VirtualAlloc
VerifyVersionInfoW
GetPrivateProfileIntW
GetTimeZoneInformation
CreateEventA
HeapCreate
GetSystemDirectoryW
GetConsoleCP
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThread
WaitForSingleObjectEx
SignalObjectAndWait
GetUserDefaultLCID
HeapFree
CompareFileTime
SetDllDirectoryW
SetErrorMode
MapViewOfFile
GetTempFileNameW
EncodePointer
SetStdHandle
GetCommandLineW
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetEvent
CreateTimerQueue
LoadLibraryExW
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentThreadId
EnterCriticalSection
DecodePointer
GetLastError
HeapReAlloc
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
ExitThread

user32

GetSubMenu
LoadStringA
AttachThreadInput
CharLowerBuffW
DrawTextExW
InflateRect
MessageBoxA
LoadMenuW
GetWindowTextW
SystemParametersInfoW
MonitorFromWindow
DrawStateW
DestroyCursor
SendDlgItemMessageW
ShowWindow
GetMenuItemCount
CreateWindowExW
InsertMenuW
GetDlgItemTextW
SendMessageW
UpdateWindow
GetDlgCtrlID
ToUnicode
SetMenuItemInfoW
CopyRect
GetWindow
IsRectEmpty
GetDlgItemInt
ClientToScreen
DestroyAcceleratorTable
CharUpperBuffW
CharNextW
RegisterWindowMessageW
GetWindowInfo
EnumWindows
CreateIconIndirect
GetDC
CreateDialogIndirectParamA
SetDlgItemInt
CheckMenuRadioItem
GetClassNameW
SetWindowLongW
GetDesktopWindow
SetDlgItemTextW
ValidateRgn
EndMenu
DrawFrameControl
GetMonitorInfoW
GetMessageW

gdi32

ExtFloodFill
OffsetRgn
GetCharABCWidthsW
SetViewportExtEx
CloseEnhMetaFile
SetWindowOrgEx
SetWindowExtEx
PlayEnhMetaFile
RectInRegion
CreateBitmapIndirect
GetObjectW
SetStretchBltMode
GetNearestPaletteIndex
CreateEnhMetaFileW
PolyPolygon

comdlg32

GetOpenFileNameW
GetSaveFileNameW
FindTextW

advapi32

RegCloseKey
AdjustTokenPrivileges
RegEnumKeyExW
ControlService
RegGetKeySecurity
RegQueryValueExW
OpenServiceW
OpenSCManagerW
RegOpenKeyExW
RegDeleteValueA
QueryServiceStatus
RegSetValueExW

shell32

SHGetFileInfoW
ShellExecuteExW
Shell_NotifyIconW

oleaut32

SysFreeString
VariantInit
SafeArrayGetUBound
SafeArrayCreate
VariantCopy
VariantClear

Sections

.text
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lIZ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54e4f796a099e3376cb1529315d2d727

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 781KB - Virtual size: 781KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 6KB - Virtual size: 6KB

.lIZ Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 781KB - Virtual size: 781KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 6KB - Virtual size: 6KB

.lIZ
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB