2024-08-20_c01c25769407c6869a25983f4edf5b64_bkransomware_metamorfo

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-20_c01c25769407c6869a25983f4edf5b64_bkransomware_metamorfo
Size

717KB
MD5

c01c25769407c6869a25983f4edf5b64
SHA1

60ddc61a62751a5d1e2e6205187578f1614586b9
SHA256

2f72ce916cd503ce9553ea72af4cb60fd0001b081e8541dcb92f17a7849213f0
SHA512

78fba8f97cd11ceec52cc6c169899bcd890a4394c9345756d952361d17b09260d7c7ca36c09a64d79edf66afd1ffa5bee14916c10886bdbe0f5ad61ed43a2a76
SSDEEP

12288:cv3p0jyvC/4DVyNBHwaLXLDHx3FYeoEphc:Imtg5GlwYXLDFNoEphc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-20_c01c25769407c6869a25983f4edf5b64_bkransomware_metamorfo

Files

2024-08-20_c01c25769407c6869a25983f4edf5b64_bkransomware_metamorfo
.exe windows:5 windows x86 arch:x86

b72edf767df9268ecb836ad6e76dd02b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime

comctl32

PropertySheetA
ImageList_AddMasked
ord17
InitCommonControlsEx
ImageList_Create
ord6

kernel32

lstrcmpiA
FindFirstFileA
FindNextFileA
GetProcAddress
LoadLibraryA
GetPrivateProfileSectionA
GetLastError
CreateDirectoryA
LocalFree
FormatMessageA
VirtualAlloc
VirtualProtect
TerminateThread
GetExitCodeThread
SuspendThread
ResumeThread
PulseEvent
ReleaseMutex
WaitForSingleObject
CreateEventA
DeleteFileA
QueryPerformanceCounter
GetFileSize
FreeLibrary
GetCurrentThread
SetThreadPriority
ExpandEnvironmentStringsA
LCMapStringW
CompareStringW
GetStringTypeW
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
OutputDebugStringW
LoadLibraryExW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
DeleteFileW
ExitThread
FlushFileBuffers
CreateThread
FindClose
GetOEMCP
GetACP
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetProcessHeap
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetTimeZoneInformation
DecodePointer
EncodePointer
RaiseException
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ReadFile
CreateFileA
SetFilePointer
WriteFile
CreateMutexA
QueryPerformanceFrequency
CloseHandle
GetCPInfo
Sleep
VirtualFree
GetModuleFileNameA
lstrlenA
GetCurrentThreadId
WriteConsoleW
HeapSize
SetEndOfFile
SetEnvironmentVariableA
GetConsoleCP

user32

InsertMenuItemA
ModifyMenuA
CreateMenu
MsgWaitForMultipleObjects
PeekMessageA
GetWindowTextA
GetDlgItemInt
FillRect
InvalidateRect
DrawTextA
IsWindowVisible
IsWindow
LoadCursorA
SetRect
ShowCursor
AdjustWindowRectEx
ValidateRect
SetActiveWindow
SetMenuItemInfoA
GetMenuItemInfoA
RemoveMenu
InsertMenuA
EnableMenuItem
CheckMenuItem
DrawMenuBar
GetMenuState
SetMenu
GetMenu
TranslateAcceleratorA
LoadAcceleratorsA
MoveWindow
IsMenu
RegisterClassA
PostQuitMessage
IsDialogMessageA
LoadBitmapA
SetWindowLongA
GetWindowLongA
MapWindowPoints
GetCursorPos
MessageBoxA
GetWindowRect
GetClientRect
SetWindowTextA
SetForegroundWindow
TrackPopupMenu
DeleteMenu
GetSubMenu
DestroyMenu
LoadMenuA
GetSystemMetrics
IsWindowEnabled
EnableWindow
SetFocus
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxParamA
CreateDialogParamA
IsIconic
GetWindowPlacement
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA
DefWindowProcA
PostMessageA
SendMessageA
GetMessagePos
DispatchMessageA
TranslateMessage
GetMessageA
LoadIconA

gdi32

SetBkMode
CreateSolidBrush
GetStockObject
DeleteObject
SetTextColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyA

shell32

DragFinish
DragAcceptFiles
ShellExecuteA
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 839KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b72edf767df9268ecb836ad6e76dd02b

Headers

DLL Characteristics

File Characteristics

Imports

winmm

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 439KB - Virtual size: 438KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 126KB - Virtual size: 839KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 40KB - Virtual size: 39KB

.text
Size: 439KB - Virtual size: 438KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 126KB - Virtual size: 839KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 40KB - Virtual size: 39KB