2024-08-23_d8591a135d66d1f369ee027189af054e_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-23_d8591a135d66d1f369ee027189af054e_bkransomware
Size

6.7MB
MD5

d8591a135d66d1f369ee027189af054e
SHA1

41c33aa66d848328d5561f6a1362424a741c10cc
SHA256

321ee2c07a10caf8a21f3db1fe8bec5005e689f494a8f4c68a1b420985ffed0c
SHA512

4f4cd8732472210dcb152b618ea8c4c7a881bc6f1750d8fc491ae555b6f14c57effd67779a4bd62f2811415412f3baff6aae6e83cd33445d91bcf7d0ae61b388
SSDEEP

196608:BzSF32cLgh5OP9//sW/J19+YhPyar95EsKa+1MV:ZXhGd/JeYhPyar9Gs9T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-23_d8591a135d66d1f369ee027189af054e_bkransomware

Files

2024-08-23_d8591a135d66d1f369ee027189af054e_bkransomware
.exe windows:6 windows x86 arch:x86

10451efdb0d4868017d7bb890184adcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
MultiByteToWideChar
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
LCMapStringW
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
RaiseException
HeapReAlloc
GetLastError
DecodePointer
EncodePointer
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
DuplicateHandle
CloseHandle
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryW
VirtualQuery
SetStdHandle
EnumSystemLocalesW
GetSystemTime
GetThreadTimes
FindNextFileA
GetOEMCP
CreateFileMappingA
LoadLibraryA
IsValidCodePage
GlobalUnlock
GetACP
GetOverlappedResult
CreateFileW
GetTimeZoneInformation
MulDiv
Beep
LeaveCriticalSection
GetSystemTimeAdjustment
Sleep
GetLocaleInfoW
IsValidLocale
WideCharToMultiByte
OpenProcess
GetProcessTimes
GetCommandLineA
SetCommState
GetSystemTimeAsFileTime
SetCommBreak
SetHandleInformation
HeapFree
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeSListHead
WaitNamedPipeA
LoadLibraryExW
GetLocaleInfoA
CreateFileA
GetDateFormatW
GetEnvironmentVariableW
GetCommandLineW
ConnectNamedPipe
DeleteFileA
TlsAlloc
DeleteCriticalSection
CreateEventW
GlobalFree
EnterCriticalSection
CreateNamedPipeA
SetLastError
FlushFileBuffers
GetFileAttributesA
CreateEventA
InitializeCriticalSectionAndSpinCount
SetCommTimeouts
ClearCommBreak
GetWindowsDirectoryA
WaitForSingleObject
GetModuleHandleExW
SetEnvironmentVariableW
GetCommState
DeleteTimerQueueTimer
WriteConsoleW

user32

EndPaint
ClientToScreen
SetCursor
HideCaret
GetWindowRect
CreateDialogParamA
GetMessageW
IsIconic
MsgWaitForMultipleObjects
IsZoomed
DrawIconEx
LoadStringA
MessageBeep
SetParent
GetWindowTextLengthA
DrawEdge
ShowCaret
EnumWindows
SetScrollRange
CreateIconIndirect
WaitMessage
GetQueueStatus
CreateDialogIndirectParamA
GetWindowTextA
GetKeyboardLayout
SetWindowLongA
MessageBoxA
SetScrollPos
GetDlgItem
CheckDlgButton
ShowWindow
IsDlgButtonChecked
DrawMenuBar
EnableScrollBar
AppendMenuA
IsWindow
CreateWindowExW
CheckRadioButton
BeginDeferWindowPos
SendMessageW
UpdateWindow
EnableWindow
EndMenu
DestroyMenu
LoadCursorA
ToUnicode
SetScrollInfo
CheckMenuItem
ToAsciiEx
ShowOwnedPopups
DestroyWindow
GetMessageA
DestroyAcceleratorTable
PostQuitMessage
TrackPopupMenu
SetKeyboardState
GetWindowInfo
GetClientRect
GetDC
GetCapture
InflateRect
SetPropA
CheckMenuRadioItem
UnionRect
GetWindowLongA
SystemParametersInfoW
PeekMessageA
ReleaseDC
ScrollWindow
DefWindowProcA
SetWindowsHookExA
DestroyCursor
GetDesktopWindow
GetSysColor
RemoveMenu
MessageBoxW
SystemParametersInfoA
RegisterClassW
SetCaretPos
GetDlgItemTextA
GetCaretBlinkTime
DrawFrameControl
TranslateMDISysAccel
GetMessageTime
GetWindowThreadProcessId
RegisterClassA
IsRectEmpty

gdi32

GetWindowOrgEx
Arc
PatBlt
SetViewportOrgEx
ExtFloodFill
GetMetaFileBitsEx
CreateFontA
GetDIBits
SetBkColor
SetDIBColorTable
CopyEnhMetaFileA
ExcludeClipRect
CreateHalftonePalette
CreateBitmap
DeleteObject
GetPaletteEntries
CreatePenIndirect
CreateCompatibleDC
Ellipse
ExtCreateRegion
SaveDC
RealizePalette
StretchDIBits
BitBlt
GetDIBColorTable
Polyline
GetClipBox
RectVisible
RoundRect
IntersectClipRect
EndDoc
CloseEnhMetaFile
CreateEnhMetaFileW
ExtCreatePen
MoveToEx
PolyPolygon
LineTo
DeleteDC
CreateFontIndirectA
GetEnhMetaFileHeader
SetPixel
SelectClipRgn
RectInRegion
SetMapMode
Rectangle
GetCurrentPositionEx
GetObjectW
SetStretchBltMode
GetNearestPaletteIndex
CreateRectRgn
GetCharWidth32A
SetViewportExtEx
GetPixel
GetStockObject
UpdateColors
CreateSolidBrush
SetPaletteEntries
CreatePen

advapi32

RegOpenKeyExW
LookupPrivilegeValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA
OpenProcessToken
AdjustTokenPrivileges
GetUserNameA
AllocateAndInitializeSid
RegCloseKey

shell32

ShellExecuteExW

Sections

.text
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Pbcqd
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10451efdb0d4868017d7bb890184adcd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 706KB - Virtual size: 706KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.Pbcqd Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 706KB - Virtual size: 706KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.Pbcqd
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB