2024-08-20_e680f0fcc8b67f186d5ff05fdaa51ab1_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-20_e680f0fcc8b67f186d5ff05fdaa51ab1_bkransomware
Size

6.7MB
MD5

e680f0fcc8b67f186d5ff05fdaa51ab1
SHA1

ff0965c0b530d55ac5ceb8c4b86003d085dc9a4e
SHA256

6d9250f35c6d52c480e37acecc4e1f37792140ada1f8b0f786a4a696ac7fc372
SHA512

ae620520d7bc7ac2afdd038dee2a2fda01db28dff48de65617ed80043edb1488ad172077b197d96df97a4288b8036a49de9a2f1143bda486cc3af014fa8367a1
SSDEEP

98304:bYPEUkBsrXTqhTSHcOoqePM3D5EhmZy4GhSxE1f4kCeCh5qOozOFEzjODTA/q9lv:s+6ruTQ4C5Eh+MhWE1w07ZKYurx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-20_e680f0fcc8b67f186d5ff05fdaa51ab1_bkransomware

Files

2024-08-20_e680f0fcc8b67f186d5ff05fdaa51ab1_bkransomware
.exe windows:6 windows x86 arch:x86

53999f5fae384265462b1473845c53bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
WriteFile
GetStdHandle
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
RaiseException
HeapReAlloc
GetLastError
DecodePointer
EncodePointer
LeaveCriticalSection
GetExitCodeThread
GetCurrentThreadId
DuplicateHandle
GetStringTypeW
GetConsoleMode
SetFilePointerEx
LoadLibraryW
SetStdHandle
WriteConsoleW
DeleteFileA
EnumSystemLocalesW
LocalFree
GlobalMemoryStatus
OpenFileMappingA
GetCurrentProcessId
DeleteCriticalSection
GetModuleHandleA
GetFileType
LoadLibraryA
GlobalFree
EnterCriticalSection
IsValidCodePage
SetLastError
FlushFileBuffers
GlobalUnlock
GetStartupInfoW
GetACP
GetOverlappedResult
GetTimeZoneInformation
GetModuleFileNameW
CreateProcessA
MulDiv
GetFileAttributesA
GetSystemTimeAdjustment
Sleep
GetLocaleInfoW
IsValidLocale
WideCharToMultiByte
GetConsoleCP
GetProcessTimes
GetCommandLineA
SetCommState
ClearCommBreak
GetSystemTimeAsFileTime
GetCurrentThread
ConnectNamedPipe
GlobalLock
QueryPerformanceCounter
GetCurrentProcess
GetCommState
FreeLibrary
GetCPInfo
UnmapViewOfFile
TlsGetValue
GetDateFormatW
GetEnvironmentVariableW
GetCommandLineW
ExitProcess
TlsFree
GetSystemTime
GetThreadTimes
CloseHandle
TlsAlloc
GetOEMCP
CreateEventW
CreateFileMappingA
GetLocalTime
FindClose
CreateNamedPipeA
IsDBCSLeadByteEx
CompareStringW
IsProcessorFeaturePresent
OpenProcess
TlsSetValue
SetCommTimeouts
GetWindowsDirectoryA
ExpandEnvironmentStringsA
WaitForSingleObject
SetHandleInformation
GetModuleHandleExW
GetEnvironmentStringsW
SetDllDirectoryW
VirtualQuery
ChangeTimerQueueTimer
CreateFileW

user32

SetCursor
ClientToScreen
CreateDialogParamA
GetMessageW
PostQuitMessage
EndPaint
SetTimer
DestroyWindow
GetWindowThreadProcessId
ToUnicode
TrackPopupMenu
LoadStringA
GetWindowTextLengthA
EnumWindows
GetDoubleClickTime
WaitMessage
InflateRect
OffsetRect
SetWindowLongA
MessageBoxA
UnionRect
UnregisterClassA
GetWindowLongA
PeekMessageA
EnableMenuItem
DrawStateW
ScrollWindow
EndDialog
DestroyCursor
DestroyCaret
GetSysColor
CheckDlgButton
ShowWindow
SetMenu
IsDlgButtonChecked
DrawMenuBar
EnableScrollBar
AppendMenuA
PostMessageA
CreateWindowExW
CheckRadioButton
ScrollWindowEx
RegisterClassW
GetSystemMetrics
InsertMenuA
SetWindowTextA
ValidateRgn
SendMessageW
UpdateWindow
EnableWindow
EndMenu
DestroyMenu
DestroyIcon
DrawFrameControl
SetDlgItemTextA
SetScrollInfo
ValidateRect
CheckMenuItem
IsRectEmpty
DrawEdge
SystemParametersInfoA
GetMessageA
IsZoomed
MessageBeep
SetParent
BeginPaint
SetScrollRange
CreateIconIndirect
GetDC
DrawFocusRect
ShowCursor
GetWindowPlacement
SetPropA
SetRect
GetScrollInfo
InvalidateRect
SetScrollPos
ReleaseDC
GetDesktopWindow
CreatePopupMenu
IsWindow
MessageBoxW
DialogBoxParamA

gdi32

StretchBlt
CreateFontIndirectA
ExcludeClipRect
GdiFlush
GetEnhMetaFileHeader
SetPixel
CreatePenIndirect
PolyPolyline
CreateRectRgnIndirect
CreateCompatibleBitmap
Rectangle
CreateBrushIndirect
ExtCreateRegion
SaveDC
GetObjectType
CreateBitmapIndirect
GetCurrentPositionEx
SelectPalette
GetNearestPaletteIndex
CreateRectRgn
GetCharWidth32A
GetCharABCWidthsFloatA
CreatePen
SetROP2
RectVisible
CreateDIBitmap
EndDoc
CreateFontA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileW
CreateSolidBrush
GetBitmapBits
ExtCreatePen
CreatePolygonRgn
MoveToEx
SetWindowOrgEx
TranslateCharsetInfo
GetWindowOrgEx
ExtFloodFill
SetWindowExtEx
GetDeviceCaps
GetDIBits
CopyEnhMetaFileA
CreatePalette
GetRegionData
CreateCompatibleDC
RectInRegion
Ellipse
OffsetRgn
StretchDIBits
SetPaletteEntries
GetObjectW
SetStretchBltMode
GetTextExtentPointA
GetSystemPaletteEntries
GetClipBox
RestoreDC
TextOutA
Polygon
CreateHatchBrush
SetTextColor
LineTo
BitBlt
SetLayout
EndPage
GetStockObject
SetTextAlign

advapi32

RegQueryValueExW
CopySid
InitializeSecurityDescriptor
EqualSid
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExW
SetSecurityDescriptorOwner
AllocateAndInitializeSid
RegDeleteValueA
LookupPrivilegeValueW
SetSecurityDescriptorDacl

shell32

ShellExecuteExW

ole32

CoTaskMemFree

Sections

.text
Size: 695KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ODaK
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53999f5fae384265462b1473845c53bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 695KB - Virtual size: 695KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 8KB

.ODaK Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 695KB - Virtual size: 695KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 8KB

.ODaK
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB