2024-08-11_11a51dd2f0586c4d62990ebca99ed0bd_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-11_11a51dd2f0586c4d62990ebca99ed0bd_bkransomware
Size

35.4MB
MD5

11a51dd2f0586c4d62990ebca99ed0bd
SHA1

110912923f64156c6d7b5e5d21ca8fc974afc3e5
SHA256

d94a331a9ac8152b9dacfd8ae1a613e19554e8eb8c7a7ea6e6aa57ad6588228e
SHA512

ee57caca649ccc866d0f4ab73898be9be74c99a2f720f54ebcfafe6177e1a9a84cc154771d9c8b2a3eaeefa12e4de2e4e2d928133976db92e42b4a5e6226a70f
SSDEEP

786432:usdYDcxssRPWforvY2CKAK24qjDDw/QeXXe/MTfLTYdgzB:upNsWf6D/CjoDHyMbLQg1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-11_11a51dd2f0586c4d62990ebca99ed0bd_bkransomware

Files

2024-08-11_11a51dd2f0586c4d62990ebca99ed0bd_bkransomware
.exe windows:5 windows x86 arch:x86

645b38818331ea590136cb7018564d8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\B\127930\LocalKit\Tools\Win\Installer\AdobeSelfExtractor\Release\AdobeSelfExtractor.pdb

Imports

msi

ord70

kernel32

FindNextFileW
FileTimeToSystemTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GlobalFlags
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SetErrorMode
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
SetEnvironmentVariableW
SetCurrentDirectoryW
RtlUnwind
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
FileTimeToLocalFileTime
GetFileType
HeapQueryInformation
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetDriveTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
LCMapStringW
GetStringTypeW
WriteConsoleW
SetEnvironmentVariableA
GlobalFindAtomW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
FreeResource
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SuspendThread
SetThreadPriority
LoadLibraryA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetCurrentThreadId
GetCurrentThread
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetModuleHandleA
GetModuleFileNameW
OutputDebugStringA
GetACP
lstrlenW
GetVolumeInformationW
WideCharToMultiByte
CreateThread
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
SetFileTime
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SetLastError
MoveFileW
GetUserDefaultUILanguage
RemoveDirectoryW
SetFileAttributesW
GetExitCodeProcess
CreateProcessW
CreateDirectoryW
GetPrivateProfileStringW
SetEvent
Sleep
WaitForSingleObject
ResetEvent
CreateEventW
GlobalMemoryStatusEx
GetEnvironmentVariableW
GetVersionExW
GetTempPathW
DeleteFileW
GetCommandLineW
GetModuleHandleW
GetProcAddress
GetSystemDirectoryW
LocalFree
FormatMessageW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetFileAttributesW
CloseHandle
GetLastError
CreateFileW
ReadFile
WriteFile
SetFilePointer
GetFileSize
SetStdHandle

user32

KillTimer
SetTimer
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetSysColor
ScreenToClient
ClientToScreen
BeginPaint
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
CharUpperW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowLongW
GetWindowTextW
IsWindowEnabled
GetFocus
DestroyMenu
InvalidateRect
SetFocus
GetDlgCtrlID
SetWindowPos
ShowWindow
PostQuitMessage
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetParent
SendDlgItemMessageA
FindWindowW
SetWindowTextW
GetDlgItem
UnregisterClassW
EnableWindow
IsWindow
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
PostMessageW
GetSystemMetrics
MessageBoxW
EndPaint

gdi32

TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetMapMode
SetTextColor
CreateFontIndirectW
GetObjectW
SetBkColor
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
RegCreateKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ord165
ShellExecuteW
SHBrowseForFolderW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear
VariantChangeType

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48.1MB - Virtual size: 48.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

645b38818331ea590136cb7018564d8d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 9KB - Virtual size: 33KB

.rsrc Size: 48.1MB - Virtual size: 48.1MB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 9KB - Virtual size: 33KB

.rsrc
Size: 48.1MB - Virtual size: 48.1MB