2024-08-25_c1f0ff2759f11ade4923df342c096e7d_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-25_c1f0ff2759f11ade4923df342c096e7d_bkransomware
Size

6.7MB
MD5

c1f0ff2759f11ade4923df342c096e7d
SHA1

22c7168656b587e8931c8b35fd5e4db257e85325
SHA256

de0313af0a5d7bb814e2f1986770a0e37898f40ea3f41f992fa83f59f3f7a373
SHA512

fc3b97697acd082a5d7dbf1ece02cf6722eabf4630de7d66923050d8ef7dd692debdfc051ad3f37db4a935aa675c03bd7beafdd60688a21fce1c8e17b40d2f61
SSDEEP

196608:0i7uRObJRGgFXfLL25dp+6tTwXxXJVgJHh2NTXO:0KukbHbXn2342TCZVQBg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-25_c1f0ff2759f11ade4923df342c096e7d_bkransomware

Files

2024-08-25_c1f0ff2759f11ade4923df342c096e7d_bkransomware
.exe windows:6 windows x86 arch:x86

9aafde817848680478a8d56a0124cc1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetTempPathW
GetThreadPriority
FileTimeToLocalFileTime
GetFullPathNameW
GetCommandLineW
GetDateFormatW
CreateFileA
FindFirstFileW
GetDriveTypeW
GetCPInfo
FindResourceW
LoadResource
LoadLibraryExW
VerSetConditionMask
WaitNamedPipeA
SetEnvironmentVariableW
QueryPerformanceCounter
SetHandleInformation
WaitForSingleObject
GetLogicalDrives
ConnectNamedPipe
GetSystemTimeAsFileTime
GetProcessTimes
TlsSetValue
IsValidLocale
GetLocaleInfoW
Sleep
ReadProcessMemory
FormatMessageW
GetSystemTimeAdjustment
HeapDestroy
GetFileAttributesA
LeaveCriticalSection
GetExitCodeProcess
CreateProcessA
FileTimeToSystemTime
GetModuleFileNameW
GetSystemDirectoryA
CreateFileW
GetOverlappedResult
WritePrivateProfileStringW
GlobalUnlock
GetPrivateProfileIntW
GetLastError
IsDBCSLeadByteEx
ResetEvent
GetLocalTime
LoadLibraryA
GetExitCodeThread
LockResource
CreateEventW
GetModuleFileNameA
VirtualProtect
GetCommandLineA
WinExec
TlsAlloc
DeleteFileW
LocalFree
TlsFree
ResumeThread
CreateThread
SetStdHandle
SetFilePointerEx
GetConsoleMode
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualFree
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
WriteConsoleW
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
EnumCalendarInfoW
SwitchToThread
DeleteFileA
SuspendThread
GetSystemTime
OpenFileMappingA
GetStringTypeW
GetModuleHandleA
GetSystemInfo
RemoveDirectoryW
CreateFileMappingA
GlobalFree
EnterCriticalSection
IsValidCodePage
VirtualAlloc
VerifyVersionInfoW
FlushFileBuffers
ExitThread
MulDiv
lstrcpynW
GetFileAttributesW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
SetCommTimeouts
SetCommState
VirtualQueryEx
SignalObjectAndWait
GlobalLock
CreateDirectoryW
GetEnvironmentStringsW
GetCommState
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FreeLibrary
SetEndOfFile
SetFilePointer
EnumResourceNamesW
DeleteCriticalSection
EncodePointer
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
CloseHandle
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
DecodePointer
HeapReAlloc
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsGetValue

user32

CopyRect
IsRectEmpty
DestroyAcceleratorTable
GetMessageW
IsIconic
GetKeyState
GetSubMenu
LoadStringA
ModifyMenuW
EnumWindows
CreateIconIndirect
DrawFocusRect
CheckMenuRadioItem
MessageBoxA
GetWindowTextW
SystemParametersInfoW
SendDlgItemMessageW
ShowWindow
DrawMenuBar
EnableScrollBar
CreateWindowExW
BeginDeferWindowPos
SendMessageW
UpdateWindow
ToUnicode
DrawFrameControl
GetWindowThreadProcessId
DrawIconEx
GetMenuItemInfoW
GetDC
InflateRect
LoadMenuW
GetWindowLongW
CharUpperW
DestroyCursor
GetDesktopWindow
GetSysColorBrush
GetMenuItemCount
GetKeyboardType
GetDlgItemTextW
SetDlgItemTextW
ValidateRgn
DestroyIcon
GetMonitorInfoW
GetWindowInfo

gdi32

ExtFloodFill
SetWindowExtEx
CreateHatchBrush
Polygon
GetEnhMetaFileHeader
RectInRegion
ExtCreateRegion
GetTextExtentPointW
CreatePatternBrush
CloseEnhMetaFile
CreateEnhMetaFileW
SetPolyFillMode
SetLayout
SetViewportOrgEx
CreateFontIndirectW
GetRgnBox
GetRegionData
CreateBitmapIndirect
SetROP2
Arc

comdlg32

GetOpenFileNameW

advapi32

AdjustTokenPrivileges
RegOpenKeyExW
RegSetKeySecurity
SetSecurityDescriptorOwner
RegConnectRegistryW
LookupPrivilegeValueW
SetSecurityDescriptorDacl
RegDeleteKeyA
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegSetValueExW
RegEnumKeyExW
RegGetKeySecurity
OpenProcessToken
RegLoadKeyW

shell32

ShellExecuteExW
ExtractIconExW
ShellExecuteW

ole32

CoTaskMemFree

oleaut32

SafeArrayGetUBound
SysFreeString
VariantChangeType
VariantCopy
SafeArrayGetLBound
SafeArrayPtrOfIndex
VariantInit
SafeArrayCreate
SysReAllocStringLen

Sections

.text
Size: 682KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VUMX
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aafde817848680478a8d56a0124cc1b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 682KB - Virtual size: 681KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 7KB

.VUMX Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 682KB - Virtual size: 681KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 7KB

.VUMX
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB