2024-08-09_23d4a37fd6447debbff1ce152c96ac32_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-09_23d4a37fd6447debbff1ce152c96ac32_bkransomware
Size

1.4MB
MD5

23d4a37fd6447debbff1ce152c96ac32
SHA1

4d855fc546ec5e3925c42c831e7e631cd975eca6
SHA256

08bcbd36ba7484c985a9681338210a68e52bfb0061dc1a43757df51d108eba63
SHA512

c2e1a16a8c8b0771a5de612ba55d5c2ec531039d16f5424e07cf1428874a26de9ca5a733aafb4d4816b6c234c77567b4f3ddac59245e8f956c2b0e95f02d68ec
SSDEEP

24576:uELttK8+xBuKhpSK438pckG0WY9gxdvAp2ei9tige/5igzuCe8KLcWAumkSDYc1u:uELtPgS17wDBmKKO7Y/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-09_23d4a37fd6447debbff1ce152c96ac32_bkransomware

Files

2024-08-09_23d4a37fd6447debbff1ce152c96ac32_bkransomware
.exe windows:5 windows x86 arch:x86

da346fe050b19c7bda9d340dd5b0ad5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\progs\Compiling\notepad2-mod\bin\VS2013\Release_x86\Notepad2.pdb

Imports

comctl32

ord8
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
CreateStatusWindowW
ImageList_AddMasked

shlwapi

StrDupW
StrChrA
StrCmpNIA
StrCpyW
UrlUnescapeW
PathRelativePathToW
PathIsPrefixW
PathUnExpandEnvStringsW
PathIsDirectoryW
PathFindExtensionW
StrStrW
PathIsRelativeW
PathCanonicalizeW
PathGetDriveNumberW
PathIsRootW
PathAppendW
StrCmpNA
StrCmpNIW
PathCommonPrefixW
PathCompactPathExW
PathStripToRootW
StrRChrW
StrFormatByteSizeW
PathRenameExtensionW
StrStrIW
PathFileExistsW
StrChrW
SHAutoComplete
StrTrimW
PathRemoveFileSpecW
PathFindFileNameW
PathUnquoteSpacesW
PathIsUNCW
UrlEscapeW
StrStrA
StrCmpW
StrCmpIW
StrCatW
StrNCatW
StrCatBuffA
StrCpyNW
StrDupA
StrStrIA
StrChrIA
StrTrimA
PathMatchSpecW
StrRetToBufW
PathQuoteSpacesW
StrChrIW
StrCatBuffW

kernel32

LocalAlloc
CreateEventW
lstrcmpiW
lstrcatW
CloseHandle
LocalFree
lstrcpyW
CreateThread
lstrcmpW
GetFileSize
lstrcmpA
lstrlenA
GetCPInfo
lstrcpynA
SetEndOfFile
GlobalSize
GlobalLock
GetModuleHandleW
GetTickCount
WriteFile
WideCharToMultiByte
ReadFile
CreateFileW
lstrcatA
GetACP
MultiByteToWideChar
GlobalUnlock
GetLastError
lstrcmpiA
GetProcAddress
IsValidCodePage
GetOEMCP
LocalSize
LCMapStringW
lstrcpyA
FreeResource
FindResourceW
lstrcpynW
GetCurrentProcess
GetLocaleInfoW
SizeofResource
MulDiv
WritePrivateProfileSectionW
GetLongPathNameW
LockResource
GetModuleHandleA
GetWindowsDirectoryW
GetPrivateProfileSectionW
ExpandEnvironmentStringsW
GetCommandLineW
ResetEvent
SearchPathW
FindFirstFileW
FindFirstChangeNotificationW
SetErrorMode
FreeLibrary
CreateProcessW
CompareFileTime
FindCloseChangeNotification
GetPrivateProfileStringW
LoadLibraryW
GetTimeFormatW
GetStartupInfoW
FindClose
GetLocalTime
SetCurrentDirectoryW
FindNextChangeNotification
GetVersion
SetFileAttributesW
HeapFree
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
LoadLibraryExW
GetLocaleInfoA
GlobalFree
GetCurrentDirectoryW
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
ExitThread
GetModuleFileNameW
GetDateFormatW
GetFileAttributesW
FormatMessageW
GlobalAlloc
SetEvent
WaitForSingleObject
HeapAlloc
CompareStringW
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
RaiseException
GetStringTypeW
HeapReAlloc
RtlUnwind
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
LoadResource

user32

GetMonitorInfoW
MonitorFromRect
DestroyWindow
SetCursor
CloseClipboard
GetSystemMenu
CharNextW
GetKeyState
IsClipboardFormatAvailable
LoadCursorW
wsprintfA
IsCharLowerA
SetFocus
IsCharUpperW
CharLowerW
GetCapture
ChildWindowFromPoint
SetCursorPos
CharLowerA
GetClipboardData
EmptyClipboard
CharUpperW
GetSysColor
GetCursorPos
GetSysColorBrush
IsCharLowerW
GetActiveWindow
CreateWindowExW
InsertMenuW
SetWindowTextW
MapWindowPoints
GetSystemMetrics
DeferWindowPos
AdjustWindowRectEx
FindWindowExW
SetWindowPos
GetMenuState
ReleaseDC
SetCapture
DestroyCursor
GetCaretBlinkTime
ShowOwnedPopups
ClientToScreen
SetWindowPlacement
TranslateAcceleratorW
SetTimer
ScreenToClient
GetMessageW
PostQuitMessage
TrackPopupMenu
ShowWindowAsync
RegisterWindowMessageW
IsIconic
IsChild
UnregisterClassW
OpenClipboard
ReleaseCapture
SetClipboardData
IsCharAlphaNumericA
GetParent
GetWindowTextLengthW
GetDlgItemInt
RemovePropW
wvsprintfW
LoadImageW
PostMessageW
GetFocus
MessageBeep
CharPrevW
wsprintfW
SetPropW
TranslateMessage
SetDlgItemInt
LoadIconW
IsCharAlphaNumericW
GetWindowLongW
PeekMessageW
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
LoadStringW
CheckDlgButton
ShowWindow
IsDlgButtonChecked
CheckRadioButton
MessageBoxIndirectW
BeginDeferWindowPos
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
EnableWindow
EndDeferWindowPos
MessageBoxExW
GetPropW
DispatchMessageW
KillTimer
IsZoomed
GetSubMenu
CopyImage
EnumWindows
GetDoubleClickTime
LoadAcceleratorsW
GetForegroundWindow
IsDialogMessageW
GetWindowPlacement
OffsetRect
TrackPopupMenuEx
CheckMenuRadioItem
IntersectRect
LoadMenuW
GetClassNameW
EnableMenuItem
ChangeClipboardChain
IsWindow
SetMenuDefaultItem
EqualRect
MessageBoxW
RegisterClassW
IsWindowVisible
CountClipboardFormats
UpdateWindow
DestroyMenu
GetDlgCtrlID
SetClipboardViewer
SystemParametersInfoW
CheckMenuItem
GetMessageTime
SetScrollInfo
RegisterClipboardFormatW
SetCaretPos
CreateCaret
AppendMenuA
DestroyCaret
GetScrollInfo
GetKeyboardLayout
RegisterClassExW
BeginPaint
ShowCaret
MsgWaitForMultipleObjects
HideCaret
GetUpdateRgn
EndPaint
CallWindowProcW
SystemParametersInfoA
FrameRect
CreatePopupMenu
InflateRect
DrawFocusRect
GetIconInfo
CreateIconIndirect
DrawTextA
DrawTextW
FillRect
DrawAnimatedRects
GetWindowRect
SetActiveWindow
CharUpperBuffW
DialogBoxIndirectParamW
SetForegroundWindow
GetMenuStringW
IsWindowEnabled
GetClientRect
GetDC
GetMenu
CreateDialogIndirectParamW
SetRect
InvalidateRect
DefWindowProcW

gdi32

GetTextExtentExPointW
GetTextExtentExPointA
GetNearestColor
CreatePatternBrush
RoundRect
IntersectClipRect
ExtTextOutA
CreateSolidBrush
CreateBitmap
CombineRgn
CreateRectRgn
CreateFontIndirectW
SelectObject
SetBkMode
GetTextExtentPoint32A
SetMapMode
GetDeviceCaps
Ellipse
GetTextExtentPoint32W
TranslateCharsetInfo
EndDoc
SetTextAlign
CreatePen
StartDocW
CreateFontW
ExtTextOutW
DPtoLP
SetBkColor
DeleteDC
StartPage
LineTo
GetTextMetricsW
EndPage
MoveToEx
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
CreateDIBSection
EnumFontsW
Polygon
BitBlt
DeleteObject
GetObjectW
SetTextColor
GetStockObject

comdlg32

ChooseFontW
PrintDlgW
PageSetupDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

OpenProcessToken
GetTokenInformation
IsTextUnicode

shell32

SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetDataFromIDListW
SHAppBarMessage
SHAddToRecentDocs
SHGetFolderPathW
ord180
SHGetSpecialFolderPathW
SHCreateDirectoryExW
Shell_NotifyIconW
DragAcceptFiles
DragQueryFileW
DragFinish
ShellExecuteExW

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
RevokeDragDrop
DoDragDrop
RegisterDragDrop
CLSIDFromProgID
CoInitialize
CoUninitialize

imm32

ImmEscapeW
ImmReleaseContext
ImmSetCompositionFontW
ImmGetCompositionStringW
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetContext

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da346fe050b19c7bda9d340dd5b0ad5b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

imm32

oleaut32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 162KB - Virtual size: 200KB

.idata Size: 12KB - Virtual size: 11KB

.rsrc Size: 103KB - Virtual size: 103KB

.reloc Size: 41KB - Virtual size: 41KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 162KB - Virtual size: 200KB

.idata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 103KB - Virtual size: 103KB

.reloc
Size: 41KB - Virtual size: 41KB