2024-08-14_9722957f23b13f8726109bfdeb645abf_bkransomware_metamorfo

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-14_9722957f23b13f8726109bfdeb645abf_bkransomware_metamorfo
Size

6.7MB
MD5

9722957f23b13f8726109bfdeb645abf
SHA1

88ea9e574e0b0b93b250a4a87ac1cedd1e9b249d
SHA256

af135faa44fe816745d44d65865cc459d00f1a6e38166ae4c918ceea4a5f5c2c
SHA512

2c4531d53459813d988a0255e544704237b19bdc1982b1815c0c0754b6c4277d7fa9be6baac2aa03ff5ac690411c0858467420869dbecb603819e3cbc9ea44fe
SSDEEP

196608:bIBHHRD70Wtyk7SFTv5LkBbEESr1QNV7Lyjw:boRxtPcv5LJfaN1y8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-14_9722957f23b13f8726109bfdeb645abf_bkransomware_metamorfo

Files

2024-08-14_9722957f23b13f8726109bfdeb645abf_bkransomware_metamorfo
.exe windows:6 windows x86 arch:x86

77f8ccb8f642b57b887ec1154230cce4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
ExitProcess
GetCommandLineW
EncodePointer
GetDateFormatW
EnumResourceNamesW
CreateFileA
GetFileSize
SetFilePointer
RtlCaptureContext
VirtualQuery
SetEndOfFile
SetErrorMode
FindResourceW
FreeLibrary
SystemTimeToFileTime
EnumCalendarInfoW
GetCommState
InitializeSListHead
SetEnvironmentVariableW
GetEnvironmentStringsW
SetHandleInformation
GetUserDefaultLCID
GetLogicalDrives
WaitForSingleObjectEx
VirtualFree
GetSystemTimeAsFileTime
GetPrivateProfileStringW
VirtualQueryEx
GetUserDefaultLangID
GetCommandLineA
GetProcessTimes
TlsSetValue
WideCharToMultiByte
GetLocaleInfoW
Sleep
GetVersionExW
MulDiv
IsDBCSLeadByteEx
SetLastError
IsValidCodePage
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
QueryDosDeviceW
EnumResourceTypesW
FindNextFileA
GetModuleHandleA
IsDebuggerPresent
GetUserDefaultUILanguage
DeleteCriticalSection
WinExec
FileTimeToLocalFileTime
GetVersion
GetCurrentProcessId
GetFileType
GetSystemTime
TlsFree
ExpandEnvironmentStringsW
CreateThread
SwitchToThread
SetStdHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualAlloc
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStdHandle
GetCPInfo
GetACP
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
WriteConsoleW
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
SetEvent
SuspendThread
OpenFileMappingA
CloseHandle
TlsAlloc
GetOEMCP
DeviceIoControl
CreateFileMappingA
FindFirstFileA
VerifyVersionInfoW
GetPrivateProfileIntW
RaiseException
GlobalUnlock
WritePrivateProfileStringW
SetThreadPriority
CompareStringW
CreateFileW
FileTimeToSystemTime
TerminateProcess
CreateProcessA
GetFileAttributesA
GetSystemTimeAdjustment
SizeofResource
CreateEventA
IsValidLocale
GetConsoleCP
LoadLibraryW
SetCommTimeouts
ConnectNamedPipe
WaitForSingleObject
GlobalLock
CreateDirectoryW
HeapFree
WaitNamedPipeA
VerSetConditionMask
SetDllDirectoryW
SystemTimeToTzSpecificLocalTime
LoadResource
GetDriveTypeW
MapViewOfFile
GetLocaleInfoA
GlobalMemoryStatus
GetThreadTimes
GetTempFileNameW
CreateTimerQueue
LoadLibraryExW
ExitThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsGetValue
CreateEventW
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
LeaveCriticalSection
DecodePointer
GetLastError
HeapReAlloc
RtlUnwind

user32

ToUnicode
GetWindow
EndPaint
ClientToScreen
DestroyAcceleratorTable
GetMessageW
DrawIconEx
GetMenuStringW
CharLowerBuffW
CreateIconIndirect
GetMenu
LoadMenuW
DrawStateW
SendDlgItemMessageW
EnumChildWindows
ShowWindow
DrawMenuBar
CreateWindowExW
MessageBoxW
BeginDeferWindowPos
GetDlgItemTextW
SendMessageW
MapWindowPoints
UpdateWindow
EndMenu
DestroyMenu
DestroyIcon
DrawFrameControl
GetWindowThreadProcessId
IsRectEmpty
CharNextW
GetSubMenu
LoadStringA
GetMenuItemInfoW
EnumWindows
GetDC
InflateRect
CheckMenuRadioItem
GetWindowLongW
GetWindowTextW
GetClassNameW
SetWindowLongW
DestroyCursor
GetDesktopWindow
EnableScrollBar
GetKeyboardType
GetDlgCtrlID
MessageBoxA

gdi32

ExtFloodFill
GetMetaFileBitsEx
SetTextColor
CreateHatchBrush
Polygon
StretchBlt
GetRgnBox
PlayEnhMetaFile
ExtCreateRegion
CreateBitmapIndirect
GetCharABCWidthsW
SetWindowOrgEx
SetWindowExtEx
GetRegionData
PtInRegion
CombineRgn
Ellipse
SetPolyFillMode
StretchDIBits
CreatePatternBrush
SetROP2
PolyPolygon

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
ControlService
RegSetKeySecurity
SetSecurityDescriptorOwner
ChangeServiceConfigW
QueryServiceStatus
LookupPrivilegeValueW
RegQueryInfoKeyW
RegQueryValueExW
OpenProcessToken
CloseServiceHandle
RegOpenKeyExW
RegGetKeySecurity
RegOpenKeyExA
RegDeleteKeyA
RegUnLoadKeyW

shell32

ShellExecuteExW
ExtractIconExW
SHGetFileInfoW
CommandLineToArgvW

ole32

CoTaskMemFree

oleaut32

VariantChangeType
SysAllocStringLen
VariantClear
SafeArrayGetLBound
SafeArrayPtrOfIndex
VariantInit
VariantCopy

Sections

.text
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Aput
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77f8ccb8f642b57b887ec1154230cce4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 703KB - Virtual size: 703KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 7KB

.Aput Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 703KB - Virtual size: 703KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 7KB

.Aput
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB