2024-08-24_6690439221e614df5e72d44dbf52379e_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-24_6690439221e614df5e72d44dbf52379e_bkransomware
Size

6.6MB
MD5

6690439221e614df5e72d44dbf52379e
SHA1

7cb6c7de71c6352de34f80e842b9c122e7842a78
SHA256

56024e139c59b77064257d8f39772d91e2b3da9b6cc554b98019a5491ae2176c
SHA512

9ac77ede9606946609a5c72856e7d033409fe54e22c960fae607fe6c27295264a397b2847123cfbd115fac79fab882c1c6721f93cb00ca5a365c7f476572b412
SSDEEP

98304:IT1wsFsoedtpEXzvK2EBnY1NhZIKDszb3DGEuKQ5ELiSgXhk4ho7VSmmxI:OhbkEsY1NLINDJ8ELEXhRipQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-24_6690439221e614df5e72d44dbf52379e_bkransomware

Files

2024-08-24_6690439221e614df5e72d44dbf52379e_bkransomware
.exe windows:6 windows x86 arch:x86

b00b848309fb730ff9139378332e2055

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
UnregisterWaitEx
CreateTimerQueueTimer
GetLogicalProcessorInformation
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
RaiseException
GetCommandLineW
HeapReAlloc
DecodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
SwitchToThread
ResumeThread
EncodePointer
GetVersion
FileTimeToLocalFileTime
GetWindowsDirectoryW
WinExec
GetThreadPriority
QueryDosDeviceW
RemoveDirectoryW
GetDiskFreeSpaceW
VirtualAlloc
GetThreadLocale
GetLastError
GetCPInfoExW
VerifyVersionInfoW
SetThreadPriority
FileTimeToSystemTime
GetFileAttributesW
lstrcpynW
GetExitCodeProcess
HeapCreate
HeapDestroy
GetVersionExW
FormatMessageW
Sleep
GetPrivateProfileStringW
GetLogicalDrives
SignalObjectAndWait
VerSetConditionMask
EnumCalendarInfoW
LoadResource
FindResourceW
RtlCaptureContext
GetFileSize
GetTempFileNameW
GetFullPathNameW
lstrcpyW
SuspendThread
GetUserDefaultUILanguage
DeviceIoControl
LockResource
SetThreadLocale
WritePrivateProfileStringW
LoadLibraryW
GetUserDefaultLangID
SystemTimeToFileTime
FindFirstFileW
EnumResourceNamesW
ChangeTimerQueueTimer
CloseHandle
CreateFileW

user32

GetSystemMetrics
ToAsciiEx
ShowOwnedPopups
GetMessageA
SetWindowRgn
SetTimer
GetWindowRect
MapDialogRect
GetMessageW
PostQuitMessage
CharNextW
RegisterWindowMessageW
IsIconic
SetKeyboardState
PostMessageW
GetKeyState
GetSubMenu
LoadIconA
RemovePropA
GetWindowTextLengthA
GetMenuItemInfoW
WaitMessage
GetQueueStatus
GetCapture
ShowCursor
GetWindowPlacement
OffsetRect
GetWindowTextA
SetPropA
GetKeyboardLayout
SetRect
MessageBoxA
GetWindowTextW
SetScrollPos
GetClassNameW
MonitorFromWindow
SetClassLongA
GetDlgItem
CharUpperW
SetWindowsHookExA
RedrawWindow
CheckDlgButton
GetWindow
CreatePopupMenu
IsDlgButtonChecked
RemoveMenu
FlashWindow
GetKeyboardType
CreateWindowExW
CheckRadioButton
RegisterClassW
ShowWindow
SetCaretPos
InsertMenuA
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
UpdateWindow
EnableWindow
GetDlgItemTextA
DialogBoxParamA
GetCaretBlinkTime
SetWindowTextW
SetMenuItemInfoW
SetDlgItemTextA
GetMonitorInfoW
GetMessageTime
RegisterClassA
HideCaret
CreateDialogParamA
SendDlgItemMessageA
TrackPopupMenu
SetCapture
IsZoomed
DeleteMenu
CharLowerBuffW
GetClientRect
DrawEdge
ShowCaret
GetDoubleClickTime
GetDC
GetMenu
SetWindowLongA
GetScrollInfo
LoadMenuW
GetWindowLongW
GetWindowLongA
GetDesktopWindow
GetSysColor
EnumChildWindows
GetSysColorBrush
AppendMenuA
SystemParametersInfoA
ReleaseCapture
ScrollWindowEx
SetWindowTextA
MapWindowPoints
LoadCursorA
SetScrollInfo
ValidateRect
CheckMenuItem
TranslateMDISysAccel

gdi32

GetBitmapBits
EndPage
BitBlt
GetWindowOrgEx
GetTextExtentPoint32W
SetTextColor
GetCharacterPlacementW
DeleteDC
CreateFontIndirectW
CreateFontA
GetDeviceCaps
SetBkColor
CopyEnhMetaFileA
SetPixel
CreatePalette
CreateBitmap
SelectClipRgn
PolyPolyline
SetMapMode
Rectangle
SaveDC
RealizePalette
SelectPalette
SetPaletteEntries
GetTextExtentPointA
GetCharABCWidthsFloatA
GetClipBox
IntersectClipRect
CreateDIBitmap
GetPixel
EndDoc
GetStockObject
ExtCreatePen
PatBlt
LineTo
CreateFontIndirectA
CreateHalftonePalette
SelectObject
CreateCompatibleBitmap
GetDIBColorTable
CreatePen
RoundRect
UpdateColors
GetCharWidth32A

comdlg32

FindTextW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegUnLoadKeyW
RegSetValueExW
RegEnumKeyExW
ChangeServiceConfigW
RegConnectRegistryW
QueryServiceStatus
StartServiceW
RegGetKeySecurity
InitializeSecurityDescriptor
RegQueryInfoKeyW
CopySid
OpenServiceW
CloseServiceHandle
ControlService
GetLengthSid
RegSetKeySecurity
AllocateAndInitializeSid

shell32

CommandLineToArgvW
SHGetFileInfoW
ShellExecuteExW
Shell_NotifyIconW
ExtractIconExW

ole32

CoInitialize

oleaut32

SafeArrayGetUBound
SysFreeString
SafeArrayPtrOfIndex
VariantChangeType
SysAllocStringLen
VariantInit
VariantClear
VariantCopy
SysReAllocStringLen
SafeArrayCreate

Sections

.text
Size: 665KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oHoC
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b00b848309fb730ff9139378332e2055

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 665KB - Virtual size: 665KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 8KB

.oHoC Size: 4KB - Virtual size: 3KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 665KB - Virtual size: 665KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 8KB

.oHoC
Size: 4KB - Virtual size: 3KB

.reloc
Size: 14KB - Virtual size: 13KB