2024-08-11_801fb673c025a514cb4d6c8f7de25d9e_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-11_801fb673c025a514cb4d6c8f7de25d9e_bkransomware
Size

6.7MB
MD5

801fb673c025a514cb4d6c8f7de25d9e
SHA1

d852c9ad48da0437c2a0b2d25a80747ee81e8f6a
SHA256

85ac6403aed9121e3c8be2d92f3a598b76bc551b07e87434ecff3f0631efd65a
SHA512

4ea92c15b42b17d4d8ba64c3461a7b2edeff2e9d7c11ecc7dd7d264716a82bca7f75db481eb2e02bfc8b823586f47fc5572a8ee4d3f65812857d20a04a3766e4
SSDEEP

196608:PqNr45TCJUgiLDZD/PLCCVL5ImWUAsxC:CNTJUgmNGAL5ImWUA2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-11_801fb673c025a514cb4d6c8f7de25d9e_bkransomware

Files

2024-08-11_801fb673c025a514cb4d6c8f7de25d9e_bkransomware
.exe windows:6 windows x86 arch:x86

21441153a6be151c9967ae9ab1fbd07c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
RemoveDirectoryW
CreatePipe
GetModuleFileNameA
GetThreadPriority
IsDebuggerPresent
FindNextFileW
DeleteCriticalSection
GetThreadTimes
OpenFileMappingA
LocalFree
EncodePointer
GetEnvironmentVariableW
GetFileSize
GlobalMemoryStatus
GetLocaleInfoA
SetErrorMode
WaitNamedPipeA
GetEnvironmentStringsW
SignalObjectAndWait
GetLogicalDrives
GetCurrentThread
ExpandEnvironmentStringsA
ClearCommBreak
TlsSetValue
OpenProcess
GetSystemDirectoryW
IsValidLocale
Sleep
SizeofResource
FormatMessageW
GetVersionExW
HeapCreate
GetExitCodeProcess
IsProcessorFeaturePresent
Beep
MulDiv
TerminateProcess
CompareStringW
GetACP
ExitThread
MultiByteToWideChar
GetStartupInfoW
WritePrivateProfileStringW
RaiseException
SetThreadLocale
GetLastError
IsDBCSLeadByteEx
SetLastError
IsValidCodePage
EnterCriticalSection
GlobalFree
CreateFileMappingA
FindClose
QueryDosDeviceW
GetOEMCP
VirtualProtect
DeleteFileA
ExpandEnvironmentStringsW
CreateThread
SwitchToThread
ReadConsoleW
WriteConsoleW
SetStdHandle
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualAlloc
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
OutputDebugStringW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetProcessHeap
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetLocaleInfoW
LCMapStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
LoadLibraryA
GetLocalTime
GetCPInfoExW
VerifyVersionInfoW
GlobalUnlock
GetOverlappedResult
CreateFileW
GetTimeZoneInformation
GetSystemDirectoryA
FileTimeToSystemTime
CreateProcessA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
WideCharToMultiByte
SetCommState
VirtualQueryEx
GetWindowsDirectoryA
GetTickCount
VirtualFree
GetUserDefaultLCID
WaitForSingleObjectEx
InitializeSListHead
SystemTimeToFileTime
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
SetEndOfFile
GetDriveTypeW
MapViewOfFile
RtlCaptureContext
TlsGetValue
FindFirstFileW
GetDiskFreeSpaceW
GetFullPathNameW
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SetEvent
CreateTimerQueue
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThreadId
GetSystemTimeAsFileTime
DecodePointer
LeaveCriticalSection
GetStringTypeW
HeapReAlloc
HeapFree
GetCommandLineW
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventW
TlsAlloc
TlsFree
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
HeapAlloc

user32

DestroyAcceleratorTable
GetMessageW
CharNextW
GetMenuStringW
CharLowerBuffW
GetMenuItemInfoW
MessageBoxA
LoadMenuW
DestroyCursor
ShowWindow
EnableScrollBar
GetKeyboardType
CreateWindowExW
GetDlgItemTextW
SendMessageW
UpdateWindow
DestroyIcon
DrawFrameControl
IsRectEmpty
EnumWindows
BeginDeferWindowPos
DestroyMenu
ClientToScreen
IsIconic
PostMessageW
GetKeyState
GetWindowInfo
ModifyMenuW
GetDC
DrawFocusRect
GetMenu
CheckMenuRadioItem
GetWindowTextW
GetClassNameW
SetWindowLongW
GetDesktopWindow
MessageBoxW
GetDlgCtrlID
SetWindowTextW
ToUnicode
GetMonitorInfoW
CheckMenuItem
CharUpperW

gdi32

SetTextColor
CreateHatchBrush
CreateFontIndirectW
GetRgnBox
ExtCreateRegion
GetBkColor
SetViewportExtEx
GetTextExtentPoint32W
GetMetaFileBitsEx
StretchBlt
PtInRegion
PlayEnhMetaFile
OffsetRgn
SetPolyFillMode
GetCharABCWidthsW
SetWinMetaFileBits
CreateEnhMetaFileW
Arc

comdlg32

FindTextW

advapi32

RegSetValueExW
RegCloseKey
RegSetKeySecurity
StartServiceW
RegQueryValueExW
AdjustTokenPrivileges
RegOpenKeyExW
RegOpenKeyExA
LookupPrivilegeValueW
OpenSCManagerW
RegUnLoadKeyW

shell32

ShellExecuteExW
SHGetFileInfoW

oleaut32

SafeArrayGetUBound
VariantInit
VariantClear
SafeArrayGetLBound
SysReAllocStringLen

Sections

.text
Size: 704KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qyBfq
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21441153a6be151c9967ae9ab1fbd07c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 704KB - Virtual size: 703KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 6KB - Virtual size: 6KB

.qyBfq Size: 2KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 16KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 704KB - Virtual size: 703KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 6KB - Virtual size: 6KB

.qyBfq
Size: 2KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 3KB - Virtual size: 2KB