2024-08-23_9339ca8c1960ed84096197a9f3644092_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-23_9339ca8c1960ed84096197a9f3644092_bkransomware
Size

1.4MB
MD5

9339ca8c1960ed84096197a9f3644092
SHA1

bfdeca45cdcdf51f249ea61e6ec357d54d1bcf0b
SHA256

1f1d242e28bdc33a3d2ccaba1a2254ef4123d0e9579b67de274d1c48aaf74a2e
SHA512

32f1a93e2a811080fb34e2e9af03247f76f865c7edf501c7b3d2e4f577ca67f157db2a583ec724c9d29d15604cfffab86abd67323c369cfd90391a4523189bce
SSDEEP

24576:WXLttK8+xBuKhpSK438pckG0WY9gxdvAp2ei9tige/5QSJ84LWx2nalHriPn/2ji:WXLtlSSaasP6E3UY15iq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-23_9339ca8c1960ed84096197a9f3644092_bkransomware

Files

2024-08-23_9339ca8c1960ed84096197a9f3644092_bkransomware
.exe windows:5 windows x86 arch:x86

5c8e73eb94a90e4b4db498c4093e2ca0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\progs\Compiling\notepad2-mod\bin\VS2013\Release_x86\Notepad2.pdb

Imports

comctl32

ord8
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
InitCommonControlsEx
CreateStatusWindowW

shlwapi

StrTrimW
StrDupA
StrStrIA
StrChrIA
StrTrimA
PathMatchSpecW
StrRetToBufW
SHAutoComplete
StrChrW
PathFileExistsW
PathUnquoteSpacesW
PathQuoteSpacesW
StrCpyNW
StrCatBuffA
StrNCatW
StrCatW
StrCmpIW
StrCmpW
StrStrA
UrlEscapeW
StrCmpNA
StrDupW
StrChrA
StrCmpNIA
PathIsUNCW
StrCpyW
UrlUnescapeW
PathRelativePathToW
PathIsPrefixW
PathUnExpandEnvStringsW
PathIsDirectoryW
PathFindExtensionW
StrStrW
PathIsRelativeW
PathCanonicalizeW
PathGetDriveNumberW
PathIsRootW
PathAppendW
StrChrIW
StrCmpNIW
PathCommonPrefixW
PathCompactPathExW
PathStripToRootW
StrRChrW
StrFormatByteSizeW
PathRenameExtensionW
StrStrIW
PathRemoveFileSpecW
PathFindFileNameW
StrCatBuffW

kernel32

ResetEvent
LocalAlloc
CreateEventW
lstrcmpiW
lstrcatW
CloseHandle
LocalFree
lstrcpyW
CreateThread
lstrcmpW
GetFileSize
lstrcmpA
lstrlenA
GetCPInfo
lstrcpynA
SetEndOfFile
GlobalSize
GlobalLock
GetModuleHandleW
GetTickCount
WriteFile
WideCharToMultiByte
ReadFile
CreateFileW
lstrcatA
GetACP
MultiByteToWideChar
GlobalUnlock
GetLastError
lstrcmpiA
GetProcAddress
IsValidCodePage
GetOEMCP
LocalSize
LCMapStringW
lstrcpyA
FreeResource
FindResourceW
LoadResource
GetCurrentProcess
GetLocaleInfoW
SizeofResource
MulDiv
WritePrivateProfileSectionW
GetLongPathNameW
LockResource
GetModuleHandleA
GetWindowsDirectoryW
GetPrivateProfileSectionW
ExpandEnvironmentStringsW
GetCommandLineW
GetDateFormatW
SearchPathW
FindFirstFileW
FindFirstChangeNotificationW
SetErrorMode
FreeLibrary
CreateProcessW
CompareFileTime
FindCloseChangeNotification
GetPrivateProfileStringW
LoadLibraryW
GetTimeFormatW
GetStartupInfoW
FindClose
GetLocalTime
SetCurrentDirectoryW
FindNextChangeNotification
GlobalFree
SetFileAttributesW
SetEvent
GlobalAlloc
FormatMessageW
lstrcpynW
GetCurrentDirectoryW
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
ExitThread
GetModuleFileNameW
FlushFileBuffers
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
RtlUnwind
HeapReAlloc
GetStringTypeW
RaiseException
HeapSize
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
GetFileType
GetStdHandle
GetProcessHeap
GetModuleHandleExW
ExitProcess
CompareStringW
HeapAlloc
HeapFree
GetTimeZoneInformation
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
LoadLibraryExW
GetLocaleInfoA
GetVersion
GetFileAttributesW
WaitForSingleObject

user32

SetCapture
DestroyCursor
GetCaretBlinkTime
ShowOwnedPopups
ClientToScreen
SetWindowPlacement
TranslateAcceleratorW
SetTimer
ScreenToClient
GetMessageW
PostQuitMessage
TrackPopupMenu
ShowWindowAsync
RegisterWindowMessageW
IsIconic
IsChild
UnregisterClassW
KillTimer
IsZoomed
GetSubMenu
CopyImage
GetDoubleClickTime
LoadAcceleratorsW
GetForegroundWindow
IsDialogMessageW
GetWindowPlacement
OffsetRect
TrackPopupMenuEx
CheckMenuRadioItem
IntersectRect
LoadMenuW
GetClassNameW
EnableMenuItem
ChangeClipboardChain
IsWindow
SetMenuDefaultItem
EqualRect
MessageBoxW
RegisterClassW
IsWindowVisible
CountClipboardFormats
UpdateWindow
DestroyMenu
GetDlgCtrlID
SetClipboardViewer
DefWindowProcW
CheckMenuItem
DrawAnimatedRects
GetWindowRect
SetActiveWindow
CharUpperBuffW
DialogBoxIndirectParamW
GetMenuStringW
IsWindowEnabled
GetClientRect
GetDC
GetMenu
CreateDialogIndirectParamW
SetRect
InvalidateRect
SystemParametersInfoW
ReleaseDC
GetMenuState
SetWindowPos
FindWindowExW
AdjustWindowRectEx
DeferWindowPos
GetSystemMetrics
MapWindowPoints
SetWindowTextW
GetMonitorInfoW
MonitorFromRect
DestroyWindow
SetCursor
CloseClipboard
GetSystemMenu
CharNextW
GetKeyState
IsClipboardFormatAvailable
LoadCursorW
wsprintfA
IsCharLowerA
SetFocus
IsCharUpperW
CharLowerW
GetCapture
ChildWindowFromPoint
SetCursorPos
CharLowerA
GetClipboardData
EmptyClipboard
CharUpperW
GetSysColor
GetCursorPos
GetSysColorBrush
IsCharLowerW
GetActiveWindow
CreateWindowExW
InsertMenuW
OpenClipboard
ReleaseCapture
SetClipboardData
IsCharAlphaNumericA
GetParent
GetWindowTextLengthW
GetDlgItemInt
RemovePropW
wvsprintfW
LoadImageW
PostMessageW
GetFocus
MessageBeep
CharPrevW
wsprintfW
SetPropW
TranslateMessage
SetDlgItemInt
LoadIconW
IsCharAlphaNumericW
GetWindowLongW
PeekMessageW
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
LoadStringW
CheckDlgButton
ShowWindow
IsDlgButtonChecked
CheckRadioButton
GetMessageTime
SetScrollInfo
RegisterClipboardFormatW
SetCaretPos
CreateCaret
AppendMenuA
DestroyCaret
IsWindowUnicode
GetScrollInfo
GetKeyboardLayout
RegisterClassExW
BeginPaint
ShowCaret
MsgWaitForMultipleObjects
HideCaret
GetUpdateRgn
EndPaint
CallWindowProcW
SystemParametersInfoA
FrameRect
CreatePopupMenu
InflateRect
DrawFocusRect
GetIconInfo
CreateIconIndirect
DrawTextA
DrawTextW
FillRect
MessageBoxIndirectW
BeginDeferWindowPos
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
EnableWindow
EndDeferWindowPos
MessageBoxExW
GetPropW
DispatchMessageW
EnumWindows
SetForegroundWindow

gdi32

CreateRectRgn
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
CreateDIBSection
Polygon
GetTextExtentPoint32A
BitBlt
CombineRgn
CreateBitmap
CreateSolidBrush
ExtTextOutA
IntersectClipRect
RoundRect
CreatePatternBrush
GetNearestColor
GetTextExtentExPointA
GetTextExtentExPointW
Rectangle
MoveToEx
EndPage
GetTextMetricsW
LineTo
StartPage
DeleteDC
SetBkColor
DPtoLP
ExtTextOutW
CreateFontW
StartDocW
CreatePen
SetTextAlign
EndDoc
TranslateCharsetInfo
GetTextExtentPoint32W
EnumFontsW
GetDeviceCaps
SetMapMode
SetTextColor
SetBkMode
SelectObject
CreateFontIndirectW
DeleteObject
GetObjectW
GetStockObject
Ellipse

comdlg32

ChooseFontW
PrintDlgW
GetSaveFileNameW
PageSetupDlgW
ChooseColorW
GetOpenFileNameW

advapi32

OpenProcessToken
GetTokenInformation
IsTextUnicode

shell32

ShellExecuteExW
SHGetFileInfoW
ShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetDataFromIDListW
SHAppBarMessage
SHAddToRecentDocs
SHGetFolderPathW
ord180
SHGetSpecialFolderPathW
SHCreateDirectoryExW
Shell_NotifyIconW
DragFinish
DragQueryFileW
DragAcceptFiles
SHBrowseForFolderW

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
RevokeDragDrop
DoDragDrop
RegisterDragDrop

imm32

ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetCompositionStringW
ImmSetCompositionFontW
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 158KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c8e73eb94a90e4b4db498c4093e2ca0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

imm32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 158KB - Virtual size: 197KB

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 41KB - Virtual size: 40KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 158KB - Virtual size: 197KB

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 41KB - Virtual size: 40KB