2024-08-10_b1e833de5cfa99195151835974717228_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-10_b1e833de5cfa99195151835974717228_bkransomware
Size

6.8MB
MD5

b1e833de5cfa99195151835974717228
SHA1

f1f01b7eb96bf13dc7c2d2129d7a9601914b75be
SHA256

eac05b09e521a2e090054050b30686d1df1dc09333c73d299aed57a7a553e1fd
SHA512

3b3d5d22ebc23138a2d0b5c7f1af6cf26ab9931cebbf3b4bedd4ffc81f8172e7aad8c51ee8215915dd4f714689df17b36f096f5e0eb82476ce6d63365a9a21f9
SSDEEP

196608:Hxsh9ASY39aT1T9xblRPA1ng3Ivw5V1rb:Ch9ASY39o3RPAu3IY5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-10_b1e833de5cfa99195151835974717228_bkransomware

Files

2024-08-10_b1e833de5cfa99195151835974717228_bkransomware
.exe windows:6 windows x86 arch:x86

b56b82deee7cb4271d8a70017e5e9485

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetSystemInfo
EnumResourceTypesW
FileTimeToLocalFileTime
DeleteFileW
GetSystemTime
TlsFree
EnumSystemLocalesW
GetFileSize
UnmapViewOfFile
SetEndOfFile
SetErrorMode
FreeLibrary
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
CompareFileTime
InitializeSListHead
SetEnvironmentVariableW
SetHandleInformation
SetCommBreak
GetSystemTimeAsFileTime
VirtualQueryEx
GetCommandLineA
GetProcessTimes
TlsSetValue
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
Sleep
ReadProcessMemory
GetSystemTimeAdjustment
LeaveCriticalSection
GetExitCodeProcess
Beep
GetFileAttributesW
GetSystemDirectoryA
MultiByteToWideChar
GetThreadLocale
LoadLibraryA
LockResource
RemoveDirectoryW
DeviceIoControl
GetOEMCP
GetWindowsDirectoryW
GetThreadTimes
LocalFree
GetExitCodeThread
ExpandEnvironmentStringsW
SwitchToThread
CreateFileW
LoadLibraryW
ReadConsoleW
WriteConsoleW
SetStdHandle
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
GetUserDefaultLCID
IsValidLocale
GlobalFree
CreateNamedPipeA
VirtualAlloc
IsDBCSLeadByteEx
FlushFileBuffers
WritePrivateProfileStringW
SetThreadPriority
MulDiv
GetFullPathNameW
IsProcessorFeaturePresent
GetFileAttributesA
HeapDestroy
GetSystemDirectoryW
GetConsoleCP
OpenProcess
GetWindowsDirectoryA
HeapFree
QueryPerformanceCounter
GetCurrentProcess
WaitNamedPipeA
EnumCalendarInfoW
SetDllDirectoryW
GetSystemDefaultUILanguage
MapViewOfFile
RtlCaptureContext
GetLocaleInfoA
SetFilePointer
FindFirstFileW
EnumResourceNamesW
DeleteFileA
LCMapStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
WideCharToMultiByte
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentThread
GetCurrentThreadId
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapAlloc
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer

user32

EndPaint
DestroyAcceleratorTable
GetMessageW
AttachThreadInput
GetMenuItemInfoW
EnumWindows
InflateRect
CreateDialogIndirectParamA
CheckMenuRadioItem
MessageBoxA
LoadMenuW
EnumChildWindows
ShowWindow
CreateIconIndirect
CreateWindowExW
UpdateWindow
GetDlgCtrlID
ToUnicode
DestroyIcon
GetMonitorInfoW
CharUpperBuffW
RegisterWindowMessageW
IsIconic
DrawIconEx
GetWindowInfo
CharLowerBuffW
DrawTextExW
GetDC
GetMenu
GetWindowTextW
CharUpperW
SetWindowLongW
DestroyCursor
GetDesktopWindow
GetKeyboardType
SetDlgItemTextW
ValidateRgn
SendMessageW
DrawFrameControl
GetSysColorBrush

gdi32

Arc
CreateHatchBrush
PlayEnhMetaFile
Ellipse
GetTextExtentPointW
GetNearestPaletteIndex
ExtFloodFill
SetTextColor
GetRgnBox
CombineRgn
OffsetRgn
GetCharABCWidthsW
SetStretchBltMode
SetWinMetaFileBits
SetROP2

comdlg32

GetOpenFileNameW

advapi32

RegEnumKeyExW
RegDeleteValueA
ChangeServiceConfigW
RegConnectRegistryW
RegGetKeySecurity
RegUnLoadKeyW
RegCloseKey
RegOpenKeyExW
RegSetKeySecurity
LookupPrivilegeValueW
RegQueryInfoKeyW

shell32

CommandLineToArgvW
ShellExecuteExW

oleaut32

VariantInit
VariantCopy
SafeArrayGetLBound
VariantChangeType
SysAllocStringLen
VariantClear
SysReAllocStringLen

Sections

.text
Size: 759KB - Virtual size: 759KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bgJ
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b56b82deee7cb4271d8a70017e5e9485

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 759KB - Virtual size: 759KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 6KB - Virtual size: 6KB

.bgJ Size: 2KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 759KB - Virtual size: 759KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 6KB - Virtual size: 6KB

.bgJ
Size: 2KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 16KB