2024-07-26_5f958f64f1a449de04fd877e4fe0b1dd_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-07-26_5f958f64f1a449de04fd877e4fe0b1dd_bkransomware
Size

3.0MB
MD5

5f958f64f1a449de04fd877e4fe0b1dd
SHA1

01f8e47872dee7b7d0ace180e5782fa2ef545438
SHA256

cc8009341d7fcbe41236c6db8b190373eb7cf0881a9813d03433519ecdded4e7
SHA512

783f254472ba406d15cfeb980e70fb9ff7e4ceaa134a916b4a44497f9913605c54e6b1d0e6e2f3baaf9937f6fe0a1b3e6a1fbed09e353f651b9723b5c30d60e2
SSDEEP

24576:723gagDP2aIcSA9jILig6tfvfP418Wr1nGYA6TgmrF3El1KcjCgRMu:KQagjlg0X4184rfu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-26_5f958f64f1a449de04fd877e4fe0b1dd_bkransomware

Files

2024-07-26_5f958f64f1a449de04fd877e4fe0b1dd_bkransomware
.exe windows:5 windows x86 arch:x86

37fa1ed0dfda0bcf435405452a827494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
LocalFree
VirtualAlloc
HeapAlloc
ExitProcess
GetEnvironmentStringsW
GetLastError
DeleteCriticalSection
CloseHandle
MulDiv
FormatMessageW
CreateEventW
LoadLibraryW
FindResourceW
FindResourceExW
CreateFileW
DeleteFileW
IsValidCodePage
MultiByteToWideChar
GetStringTypeW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetCommandLineW
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
GetModuleHandleExW
GetProcAddress
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteConsoleW

setupapi

CM_Get_DevNode_Registry_Property_ExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetClassDevsExW
SetupDiGetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiOpenDeviceInterfaceW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoListExW
SetupDiOpenDevRegKey

mpr

WNetGetLastErrorW
WNetGetUniversalNameW
WNetGetResourceInformationW

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0tai4
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1n8d83
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37fa1ed0dfda0bcf435405452a827494

Headers

File Characteristics

Imports

kernel32

setupapi

mpr

Sections

.text Size: 94KB - Virtual size: 94KB

.data Size: 19KB - Virtual size: 6.3MB

.idata Size: 2KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.0tai4 Size: 1.3MB - Virtual size: 1.3MB

.1n8d83 Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 84KB - Virtual size: 83KB

.text
Size: 94KB - Virtual size: 94KB

.data
Size: 19KB - Virtual size: 6.3MB

.idata
Size: 2KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.0tai4
Size: 1.3MB - Virtual size: 1.3MB

.1n8d83
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 84KB - Virtual size: 83KB