Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-05_7b05eef44348355aacc44b7187fcdca7_bkransomware.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-05_7b05eef44348355aacc44b7187fcdca7_bkransomware.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-05_7b05eef44348355aacc44b7187fcdca7_bkransomware
Size: 465KB
MD5: 7b05eef44348355aacc44b7187fcdca7
SHA1: 9c0293d1d196e775c1cfb93081d0b0ca8580acb8
SHA256: 9305478e47b155e58a21a4f283e549f5cc2e2bf0835af1a8ac77bb0e1fdfd21b
SHA512: 361a7edf5163fd9d4380f5a6917038a370abd993df1ffeca635866c0d3a47931af8fcaf5fb2820d5be1d155e5d3eb385debe69ccfe93d19a7cd8dc4d7fcaef9f
SSDEEP: 12288:pA45SeqC6BJrGifJz+Nf1DTay9OWntoFJ5:pp2C4XfN+aywWnt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-05_7b05eef44348355aacc44b7187fcdca7_bkransomware
Files
2024-09-05_7b05eef44348355aacc44b7187fcdca7_bkransomware.exe windows:5 windows x86 arch:x86
950c3148e346b952b4ae6e9b28b90349
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetTextAlign
GetTextCharacterExtra
GetFontLanguageInfo
UpdateColors
SetPixel
SetTextColor
GetTextCharset
GetTextCharsetInfo
GetNearestPaletteIndex
GetTextColor
GetPolyFillMode
GetFontUnicodeRanges
SetSystemPaletteUse
SetTextCharacterExtra
user32
WindowFromDC
CheckDlgButton
IsWindowEnabled
GetMenuState
EndDialog
GetWindowLongA
GetScrollPos
GetMenu
LoadIconA
SetDlgItemTextA
IsWindowUnicode
GetQueueStatus
GetDialogBaseUnits
GetMenuContextHelpId
ShowWindow
DrawTextA
GetDlgItem
MoveWindow
GetInputState
GetWindowDC
RemovePropA
GetMenuCheckMarkDimensions
kernel32
GetFullPathNameA
ReadConsoleW
ReadFile
SetEndOfFile
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapSize
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FlushFileBuffers
GetProcAddress
GetModuleHandleA
GetTickCount
SetFilePointer
GetCurrentProcess
LockResource
IsDebuggerPresent
GetLastError
GetVersion
QueryPerformanceCounter
DeleteFileA
CloseHandle
GetCurrentProcessId
IsProcessorFeaturePresent
GlobalSize
GlobalFlags
GlobalHandle
FindClose
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
SetLastError
GetCurrentThread
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleCP
GetConsoleMode
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
DeleteCriticalSection
FatalAppExitA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateSemaphoreW
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
SetFilePointerEx
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA
Sections
.text Size: 395KB - Virtual size: 394KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 130KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE