2024-09-04_44c7fbc27435c948a2d3bdb64747c337_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-04_44c7fbc27435c948a2d3bdb64747c337_bkransomware
Size

6.7MB
MD5

44c7fbc27435c948a2d3bdb64747c337
SHA1

a6a07514658e10bffecf711be5f6e7ad955f2b5f
SHA256

aee623392dba2691ac20bc4de45a98855d76e923c71ea14bf6d4ce102fb5150c
SHA512

a77035754d29d3850f95fca692e65d8dc8c851fe81ba18b5d7acb983214e9ce3f5031c32e7ba85d284ee17889b458ed86bd3c3e42e7d29c4ae025017dd14ba27
SSDEEP

98304:95R5yiJSZj0ef0pUkI2rCnve8iBsTzPIoznA4tP5NqN98g4H6Y0L8l/6aaM5fGYr:95R5jJSt0ef0pYvFi0h68taNgU2fbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-04_44c7fbc27435c948a2d3bdb64747c337_bkransomware

Files

2024-09-04_44c7fbc27435c948a2d3bdb64747c337_bkransomware
.exe windows:6 windows x86 arch:x86

97f5e61bba75aaa26ed3e1afb7dbb454

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
EnumSystemLocalesW
SuspendThread
GetSystemDirectoryA
DeleteCriticalSection
EncodePointer
GetTempFileNameW
EnumResourceNamesW
RtlCaptureContext
MapViewOfFile
UnmapViewOfFile
GetDriveTypeW
GetSystemDefaultUILanguage
SetEndOfFile
FreeLibrary
SystemTimeToTzSpecificLocalTime
SetDllDirectoryW
EnumCalendarInfoW
VerSetConditionMask
GetCommState
QueryPerformanceCounter
CreateDirectoryW
SetHandleInformation
GetUserDefaultLCID
GetLogicalDrives
GetTickCount
GetCurrentThread
GetPrivateProfileStringW
GetProcessTimes
OpenProcess
GetConsoleCP
GetSystemDirectoryW
Sleep
SizeofResource
CreateEventA
FormatMessageW
HeapDestroy
HeapCreate
GetExitCodeProcess
lstrcpynW
IsProcessorFeaturePresent
Beep
TerminateProcess
FileTimeToSystemTime
GetOverlappedResult
GetACP
ExitThread
WritePrivateProfileStringW
GlobalUnlock
GetPrivateProfileIntW
VerifyVersionInfoW
GetLastError
GetDiskFreeSpaceW
FindClose
LockResource
CreateEventW
QueryDosDeviceW
GetSystemInfo
GetModuleFileNameA
GetThreadPriority
VirtualProtect
GetThreadTimes
WinExec
CloseHandle
GetWindowsDirectoryW
FileTimeToLocalFileTime
GetVersion
GetCurrentProcessId
LocalFree
TlsFree
ResumeThread
lstrcpyW
CreateThread
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
CreateFileW
GetOEMCP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
GetModuleHandleA
EnumResourceTypesW
RemoveDirectoryW
GetExitCodeThread
CreateFileMappingA
LoadLibraryA
GetLocalTime
ResetEvent
GlobalFree
SetLastError
IsDBCSLeadByteEx
GetCPInfoExW
RaiseException
GetTempPathW
SetThreadPriority
MultiByteToWideChar
CompareStringW
GetFileAttributesW
GetSystemTimeAdjustment
ReadProcessMemory
IsValidLocale
LoadLibraryW
SetCommTimeouts
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCommandLineA
ExpandEnvironmentStringsA
SignalObjectAndWait
GlobalLock
HeapFree
GetEnvironmentStringsW
SetEnvironmentVariableW
InitializeSListHead
CompareFileTime
GetCurrentProcess
SystemTimeToFileTime
LoadLibraryExW
LoadResource
FindResourceW
SetErrorMode
VirtualQuery
GetEnvironmentVariableW
GetUserDefaultUILanguage
ExitProcess
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DuplicateHandle
WaitForSingleObject
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DecodePointer
HeapReAlloc
GetCommandLineW
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

BeginDeferWindowPos
SetDlgItemTextW
GetKeyboardType
EndPaint
ClientToScreen
GetMessageW
PostMessageW
GetKeyState
AttachThreadInput
DrawTextExW
GetMenuItemInfoW
CreateIconIndirect
DrawFocusRect
CreateDialogIndirectParamA
CheckMenuRadioItem
MessageBoxA
LoadMenuW
DrawStateW
SetWindowLongW
SendDlgItemMessageW
ShowWindow
GetSysColorBrush
GetMenuItemCount
CreateWindowExW
InsertMenuW
MessageBoxW
ValidateRgn
SendMessageW
UpdateWindow
DestroyMenu
ToUnicode
DestroyIcon
DrawFrameControl
SetMenuItemInfoW
GetMonitorInfoW
CheckMenuItem
GetWindowThreadProcessId
IsRectEmpty
DrawMenuBar
GetDlgItemInt
CharUpperBuffW
ModifyMenuW
GetDC
GetWindowTextW
SystemParametersInfoW
GetClassNameW
CharUpperW
GetDesktopWindow
EnumChildWindows

gdi32

Arc
SetWindowExtEx
GetMetaFileBitsEx
SetTextColor
Polygon
PlayEnhMetaFile
OffsetRgn
ExtCreateRegion
GetTextExtentPointW
CreateBitmapIndirect
SetStretchBltMode
CreatePatternBrush
CreatePolygonRgn
SetWindowOrgEx
CreateHatchBrush
CreateFontIndirectW
StretchBlt
RectInRegion
Ellipse
GetObjectW
SetViewportExtEx
SetWinMetaFileBits
PolyPolygon

comdlg32

GetSaveFileNameW

advapi32

RegDeleteValueA
RegConnectRegistryW
QueryServiceStatus
StartServiceW
RegOpenKeyExA
SetSecurityDescriptorDacl
RegDeleteKeyA
RegQueryInfoKeyW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegUnLoadKeyW
RegCloseKey
ControlService
SetSecurityDescriptorOwner
OpenProcessToken
RegOpenKeyExW

shell32

CommandLineToArgvW
ShellExecuteExW
ShellExecuteW

ole32

CoInitialize
CoTaskMemFree

oleaut32

SafeArrayPtrOfIndex
SysAllocStringLen
SafeArrayCreate
VariantClear
SafeArrayGetLBound

Sections

.text
Size: 695KB - Virtual size: 694KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NeW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97f5e61bba75aaa26ed3e1afb7dbb454

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 695KB - Virtual size: 694KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.NeW Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 695KB - Virtual size: 694KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.NeW
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB