2024-07-23_ef846876c1bda084c58a5f4589792f1a_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-23_ef846876c1bda084c58a5f4589792f1a_bkransomware
Size

6.7MB
MD5

ef846876c1bda084c58a5f4589792f1a
SHA1

c6ffedda50da245497f8dd9b2f07e2f8782ee41c
SHA256

f6b37aa27ff9b7b30e85c6faf22968f1cb8914e3f7a43bfb815b64fa8feec5f0
SHA512

0e0a343b5e413172729c6458364c19b5a523a45cca11d22ae35444dc4dbba03541bff750c234113b3f259526410d63f0d648bd7b0aeb682121ce894dea1e1353
SSDEEP

196608:vZu106WjtGYZwlyrSuoCuwNhpcgLnnzNTAJi8vX/:xdVtGYZIyJJUgLBGT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-23_ef846876c1bda084c58a5f4589792f1a_bkransomware

Files

2024-07-23_ef846876c1bda084c58a5f4589792f1a_bkransomware
.exe windows:6 windows x86 arch:x86

0a8b757d4cc14704b2d609d65ecee7b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
WaitForSingleObjectEx
SetEvent
FreeLibrary
CreateTimerQueue
HeapAlloc
LoadLibraryExW
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetCPInfo
RtlUnwind
RaiseException
GetCommandLineW
HeapFree
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentThread
WaitForSingleObject
DuplicateHandle
CloseHandle
WideCharToMultiByte
FreeLibraryAndExitThread
GetModuleHandleA
VirtualFree
VirtualProtect
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
SetStdHandle
WriteConsoleW
ReadConsoleW
CreateFileW
GetVersion
GetUserDefaultUILanguage
IsDebuggerPresent
GetThreadPriority
GetDriveTypeW
LockResource
GetExitCodeThread
GetDiskFreeSpaceW
VirtualAlloc
GetThreadLocale
SetThreadPriority
ExitThread
GetFileAttributesW
lstrcpynW
GetExitCodeProcess
HeapCreate
FormatMessageW
Sleep
LoadLibraryW
GetSystemDirectoryW
GetTickCount
SignalObjectAndWait
GetUserDefaultLCID
GetEnvironmentStringsW
GetCurrentProcess
FindFirstFileW
GetTempFileNameW
EncodePointer
GetFullPathNameW
GetSystemDefaultLangID
SwitchToThread
lstrcpyW
DeleteFileW
GetWindowsDirectoryW
EnumResourceTypesW
GetLastError
SetThreadLocale
GetTempPathW
FileTimeToSystemTime
GetVersionExW
GetUserDefaultLangID
GetPrivateProfileStringW
GetLogicalDrives
VerSetConditionMask

user32

PostMessageW
SendDlgItemMessageA
SetCapture
IsIconic
MsgWaitForMultipleObjects
RegisterWindowMessageW
ValidateRect
SetScrollInfo
GetMessageW
MapDialogRect
SetTimer
SetWindowRgn
GetMessageA
SetCursor
ShowOwnedPopups
DeleteMenu
LoadIconA
MessageBeep
GetClientRect
GetWindowTextLengthA
BeginPaint
GetDoubleClickTime
WaitMessage
GetQueueStatus
GetWindowPlacement
GetWindowTextA
SetWindowLongA
MessageBoxA
LoadMenuW
SetScrollPos
MonitorFromWindow
ScrollWindow
ShowWindow
GetMenuItemCount
IsWindow
PostMessageA
GetKeyboardType
CreateWindowExW
RegisterClassW
SetCaretPos
SetWindowTextA
SetDlgItemTextW
SendMessageW
UpdateWindow
SetWindowTextW
GetMonitorInfoW
GetMessageTime
RegisterClassA
TrackPopupMenu
ReleaseDC
GetSysColor
ToAsciiEx
GetDlgItemInt
GetSystemMenu
HideCaret
CreateDialogParamA
CharNextW
SetKeyboardState
GetSubMenu
AttachThreadInput
DrawTextExW
ShowCaret
GetDC
PeekMessageA
EnableMenuItem
GetDesktopWindow
FlashWindow
GetSystemMetrics
GetDlgItemTextW
SetMenuItemInfoW

gdi32

ExcludeClipRect
GdiFlush
CreateHalftonePalette
DeleteObject
CreatePenIndirect
CreateRectRgnIndirect
SetMapMode
CreateCompatibleBitmap
SelectPalette
CopyEnhMetaFileA
Polyline
CreatePen
GetClipBox
EndDoc
ExtTextOutA
TextOutA
GetTextExtentPoint32W
MaskBlt
CreatePalette
CreateBitmap
SelectObject
CreateBrushIndirect
GetCurrentPositionEx
GetPixel
GetStockObject
UpdateColors
CreateFontIndirectA
GetDeviceCaps
SetTextColor
GetTextExtentPoint32A
PatBlt
GetWindowOrgEx
TranslateCharsetInfo
EndPage
ExtCreatePen
SetDIBColorTable

comdlg32

FindTextW
GetOpenFileNameW

advapi32

StartServiceW
RegSetKeySecurity
RegSetValueExW
RegLoadKeyW
RegConnectRegistryW
QueryServiceStatus
InitializeSecurityDescriptor
CopySid
OpenServiceW
CloseServiceHandle
EqualSid

shell32

ExtractIconExW
CommandLineToArgvW

oleaut32

SysFreeString
VariantCopy
VariantClear
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantChangeType

Sections

.text
Size: 702KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a8b757d4cc14704b2d609d65ecee7b2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 702KB - Virtual size: 701KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.reloc Size: 20KB - Virtual size: 20KB

.text
Size: 702KB - Virtual size: 701KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.reloc
Size: 20KB - Virtual size: 20KB