Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-27_c7d500ecb6dc0bb52d24b1fdd44f4cd0_bkransomware.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2024-07-27_c7d500ecb6dc0bb52d24b1fdd44f4cd0_bkransomware.exe
Resource: win10v2004-20240709-en
General
Target: 2024-07-27_c7d500ecb6dc0bb52d24b1fdd44f4cd0_bkransomware
Size: 567KB
MD5: c7d500ecb6dc0bb52d24b1fdd44f4cd0
SHA1: fa0f6591e6e008362cd223a1171d012a9b6e026c
SHA256: f26909d144960bc463cffb7bbf7df0ff462fb12dbde493952c47d769387bd265
SHA512: fe483e612c4dd26961a23a56b516d839e64003f663a8623c239c5aa41dc2ff05f4c57768db750a4c5264d2565df9ebb745625f2226473f48908742223a9982a8
SSDEEP: 12288:vrr6aklX/I+nYKJBcpnwuUeEjtlTVY/uYS0QOhB4j:zrE5/IFecpnwuUzJfkuY7+j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2024-07-27_c7d500ecb6dc0bb52d24b1fdd44f4cd0_bkransomware
Files
2024-07-27_c7d500ecb6dc0bb52d24b1fdd44f4cd0_bkransomware.exe windows:5 windows x86 arch:x86
7e925f292760fbfe550fee03288160ec
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetTextColor
GetMapMode
GetDCBrushColor
UpdateColors
GetSystemPaletteUse
GetNearestPaletteIndex
SetTextJustification
SetPixel
GetTextAlign
GetTextCharset
GetTextCharacterExtra
GetTextCharsetInfo
GetDeviceCaps
GetFontLanguageInfo
GetBkColor
SetTextAlign
GetDCPenColor
GetClipRgn
user32
GetMenu
GetQueueStatus
GetWindowDC
CallWindowProcA
GetMenuContextHelpId
GetPropA
CheckDlgButton
GetCursor
MoveWindow
GetMenuState
GetDlgItemInt
DrawTextA
SetDlgItemTextA
LoadIconA
SetFocus
IsWindowEnabled
IsWindowUnicode
RemovePropA
BeginPaint
GetForegroundWindow
EndDialog
EnableWindow
GetInputState
ShowWindow
PostMessageA
GetWindowLongA
GetDlgItem
GetMenuItemID
EndPaint
GetMenuItemCount
GetWindowContextHelpId
WindowFromDC
GetDC
kernel32
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEndOfFile
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
FlushFileBuffers
WriteConsoleW
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapSize
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
ReadConsoleW
RaiseException
SetFilePointerEx
ReadFile
SetStdHandle
GetStringTypeW
GetProcAddress
GetModuleHandleA
LoadResource
GlobalFlags
SetFilePointer
GetTickCount
GetCurrentProcessId
GlobalSize
FindClose
QueryPerformanceCounter
GetCurrentThreadId
GetVersion
LockResource
LocalFlags
IsProcessorFeaturePresent
MoveFileA
GetFileType
GetStdHandle
DeleteFileA
GlobalHandle
GetFileTime
GetCurrentProcess
IsDebuggerPresent
GetLastError
FindResourceA
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
GetTempPathA
DeleteCriticalSection
HeapReAlloc
GetCommandLineA
WriteFile
GetModuleFileNameW
SetLastError
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateSemaphoreW
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
RtlUnwind
GetConsoleCP
GetConsoleMode
CloseHandle
DeleteFileW
GetFileAttributesExW
GetFullPathNameA
Sections
.text Size: 510KB - Virtual size: 509KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE