2024-08-29_542f97d8f2afa80d54a552121d22f90a_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-08-29_542f97d8f2afa80d54a552121d22f90a_bkransomware
Size

6.6MB
MD5

542f97d8f2afa80d54a552121d22f90a
SHA1

0d8ec34dfda45799a88ef4db4b78388940c0b913
SHA256

a7c5356558c77f2209c44e3484dd4215968eb5dff99701993049ca96de3c2cb2
SHA512

7182d7f8937ebfe04a0db66fd22c6c49e8ed233af518544b9f8bd6dfd9a3924a0ebaa627c85b91a881ebbc12e142a9ee4366a81de8cf515b166257287ef29622
SSDEEP

98304:9XxMiOnHiCsJD2ARZSAZeCURoGbZ8ddn3wrPGIU6UnOzxB7TrIG27PVatNWR7UkY:9XxvcH+JDGApC1Nd66UeXIuNU77Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-29_542f97d8f2afa80d54a552121d22f90a_bkransomware

Files

2024-08-29_542f97d8f2afa80d54a552121d22f90a_bkransomware
.exe windows:6 windows x86 arch:x86

e163f4b6ef06293047cc1fe76d45717c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
GetCommState
SetEnvironmentVariableW
CreateDirectoryW
GetModuleHandleExW
GetLogicalDrives
ConnectNamedPipe
WaitForSingleObjectEx
GetTickCount
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetWindowsDirectoryA
ClearCommBreak
VirtualQueryEx
GetConsoleCP
GetSystemDirectoryW
IsValidLocale
GetLocaleInfoW
ReadProcessMemory
CreateEventA
FormatMessageW
GetSystemTimeAdjustment
GetVersionExW
HeapDestroy
GetFileAttributesA
LeaveCriticalSection
GetExitCodeProcess
IsProcessorFeaturePresent
GetFileAttributesW
MulDiv
GetSystemDirectoryA
GetTimeZoneInformation
MultiByteToWideChar
GlobalUnlock
GetCPInfoExW
SetLastError
CreateNamedPipeA
IsValidCodePage
EnterCriticalSection
GlobalFree
GetDiskFreeSpaceW
ResetEvent
GetLocalTime
LoadLibraryA
CreateFileMappingA
GetExitCodeThread
CreateEventW
RemoveDirectoryW
GetSystemInfo
CreatePipe
GetOEMCP
FindNextFileA
GetModuleHandleA
IsDebuggerPresent
WinExec
CloseHandle
FileTimeToLocalFileTime
GetThreadTimes
LocalFree
GetSystemTime
LoadLibraryExW
SuspendThread
lstrcpyW
DeleteFileA
CreateThread
SwitchToThread
SetStdHandle
LoadLibraryW
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualAlloc
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetFileType
GetStdHandle
GetACP
GetProcessHeap
HeapAlloc
HeapSize
WriteConsoleW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SetEvent
CreateTimerQueue
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
FreeLibrary
SetErrorMode
SetEndOfFile
GetDriveTypeW
FindFirstFileW
GlobalMemoryStatus
GetDateFormatW
EncodePointer
IsDBCSLeadByteEx
TlsAlloc
FindNextFileW
GetThreadPriority
GetModuleFileNameA
EnumResourceTypesW
QueryDosDeviceW
LockResource
FindClose
GetThreadLocale
GetLastError
VerifyVersionInfoW
ExitThread
GetOverlappedResult
CreateFileW
GetModuleFileNameW
HeapCreate
SizeofResource
InitializeCriticalSectionAndSpinCount
Sleep
WideCharToMultiByte
GetProcessTimes
GetUserDefaultLangID
GetCommandLineA
GetPrivateProfileStringW
VirtualFree
GetCurrentThread
SignalObjectAndWait
WaitForSingleObject
HeapFree
GetEnvironmentStringsW
QueryPerformanceCounter
SetDllDirectoryW
GetSystemDefaultUILanguage
VirtualQuery
GetCPInfo
RtlCaptureContext
SetFilePointer
GetFileSize
EnumResourceNamesW
GetTempFileNameW
TlsFree
GetEnvironmentVariableW
GetStartupInfoW
TlsSetValue
TlsGetValue
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetCommandLineW
HeapReAlloc
DecodePointer
DeleteCriticalSection
GetCurrentThreadId
DuplicateHandle
GetCurrentProcess

user32

DestroyIcon
CheckMenuItem
IsRectEmpty
GetDlgItemInt
CharUpperBuffW
GetMessageW
GetMenuItemInfoW
CreateIconIndirect
DrawFocusRect
CreateDialogIndirectParamA
CheckMenuRadioItem
MessageBoxA
GetWindowLongW
GetWindowTextW
GetClassNameW
CharUpperW
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
EnableScrollBar
GetMenuItemCount
InsertMenuW
SetDlgItemTextW
SendMessageW
UpdateWindow
EndMenu
DestroyMenu
ToUnicode
DrawFrameControl
SetMenuItemInfoW
GetMonitorInfoW
CopyRect
GetWindow
EndPaint
ClientToScreen
RegisterWindowMessageW
GetSubMenu
AttachThreadInput
GetWindowInfo
CharLowerBuffW
DrawTextExW
ModifyMenuW
EnumWindows
GetDC
InflateRect
GetMenu
DestroyCursor
GetDesktopWindow
EnumChildWindows
DrawMenuBar
GetKeyboardType
BeginDeferWindowPos
ValidateRgn
CreateWindowExW

gdi32

SetWindowOrgEx
PolyPolygon
GetTextExtentPoint32W
GetMetaFileBitsEx
SetTextColor
CreateHatchBrush
GetRgnBox
GetEnhMetaFileHeader
GetRegionData
PtInRegion
RectInRegion
Ellipse
OffsetRgn
ExtCreateRegion
SetPolyFillMode
StretchDIBits
GetTextExtentPointW
GetNearestPaletteIndex
CreatePatternBrush
SetROP2
CloseEnhMetaFile
SetLayout
Arc
SetViewportOrgEx
GetBkColor
SetViewportExtEx
CreatePolygonRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW
FindTextW

advapi32

RegSetKeySecurity
ChangeServiceConfigW
RegConnectRegistryW
QueryServiceStatus
LookupPrivilegeValueW
RegDeleteKeyA
RegQueryInfoKeyW
OpenProcessToken
RegUnLoadKeyW
RegSetValueExW
RegCloseKey
AdjustTokenPrivileges
SetSecurityDescriptorOwner
StartServiceW
RegGetKeySecurity
SetSecurityDescriptorDacl
OpenServiceW
RegEnumKeyExW

shell32

ShellExecuteExW

ole32

CoInitialize
CoTaskMemFree

oleaut32

SafeArrayGetUBound
VariantInit
SysFreeString
SafeArrayPtrOfIndex
SafeArrayCreate
VariantClear
SafeArrayGetLBound

Sections

.text
Size: 672KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cCi
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e163f4b6ef06293047cc1fe76d45717c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 672KB - Virtual size: 671KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.cCi Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 672KB - Virtual size: 671KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.cCi
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB