2024-09-07_8b650994232a1ee1877a0647eadf1d51_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-07_8b650994232a1ee1877a0647eadf1d51_bkransomware
Size

6.6MB
MD5

8b650994232a1ee1877a0647eadf1d51
SHA1

1fff01f6300a5ca0791a7b39843ae6f5b17debc9
SHA256

6a8a23577926fa153f8b3bf89d174995c7cc9893930518fc6f1b1e8b585583eb
SHA512

22b8e14b812956e211871689c46735950749d6954280895a6a5855be1d0671ade3a93a7acad2153ac2fb3942d8191f9e264bdc78120fbe223dd77024c6111fee
SSDEEP

196608:ams2fERGdEevJEP4DTcDwO090yowJxkqcFd:XZfDdXrcDw990ZsxkXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-07_8b650994232a1ee1877a0647eadf1d51_bkransomware

Files

2024-09-07_8b650994232a1ee1877a0647eadf1d51_bkransomware
.exe windows:6 windows x86 arch:x86

fd353b92daf2560d99c2895be487783b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
InterlockedPopEntrySList
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
WinExec
IsDebuggerPresent
DeviceIoControl
RemoveDirectoryW
VirtualAlloc
VerifyVersionInfoW
GetPrivateProfileIntW
GetSystemDefaultUILanguage
GetTempPathW
SetThreadPriority
ExitThread
FileTimeToSystemTime
lstrcpynW
ReadProcessMemory
Sleep
VirtualQueryEx
GetPrivateProfileStringW
SignalObjectAndWait
GetUserDefaultLCID
CompareFileTime
VerSetConditionMask
EnumCalendarInfoW
FindResourceW
SetErrorMode
EnumResourceNamesW
GetTempFileNameW
EncodePointer
GetFullPathNameW
SuspendThread
DeleteFileW
LockResource
GetDiskFreeSpaceW
GetExitCodeProcess
GetVersionExW
FormatMessageW
SizeofResource
LoadLibraryW
GetSystemDirectoryW
GetUserDefaultLangID
SystemTimeToFileTime
SetThreadAffinityMask
RaiseException
GetCommandLineW
HeapReAlloc
GetLastError
DecodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
CloseHandle
CreateFileW

user32

ShowWindow
ToAsciiEx
EndPaint
GetMessageA
HideCaret
CharUpperBuffW
CreateDialogParamA
GetMessageW
PostQuitMessage
TrackPopupMenu
RegisterWindowMessageW
PostMessageW
KillTimer
LoadIconA
GetClientRect
CreateMenu
ModifyMenuW
ShowCaret
BeginPaint
GetDoubleClickTime
GetQueueStatus
SetDlgItemInt
GetMenu
GetWindowPlacement
OffsetRect
GetWindowTextA
SetPropA
SetRect
MessageBoxA
UnionRect
InvalidateRect
GetWindowLongA
GetWindowTextW
SetScrollPos
GetClassNameW
GetDlgItem
GetMessageTime
DestroyCaret
SendDlgItemMessageW
CheckDlgButton
EnumChildWindows
ScrollWindow
CreateCaret
IsWindow
PostMessageA
RemoveMenu
GetKeyboardType
CreateWindowExW
InsertMenuW
SetWindowTextA
GetDlgItemTextW
SendMessageW
UpdateWindow
EnableWindow
DialogBoxParamA
SetCursor
SetTimer
SendDlgItemMessageA
IsIconic
GetParent
RemovePropA
MessageBeep
GetMenuStringW
CharLowerBuffW
SetParent
SetFocus
SetScrollRange
GetDC
GetCapture
ShowCursor
UnregisterClassA
PeekMessageA
ReleaseDC
SetWindowLongW
RedrawWindow
GetDesktopWindow
SetMenu
GetMenuItemCount
SystemParametersInfoA
ScrollWindowEx
RegisterClassW
SetCaretPos
InsertMenuA
MapWindowPoints
GetDlgItemTextA
CheckMenuItem
TranslateMDISysAccel

gdi32

GetBitmapBits
MoveToEx
BitBlt
GetWindowOrgEx
PatBlt
LineTo
CreateFontIndirectW
CreateFontA
CreateFontIndirectA
GetDIBits
GdiFlush
CreateBitmap
SelectObject
Rectangle
SaveDC
GetCurrentPositionEx
GetDIBColorTable
GetTextExtentExPointA
CreateRectRgn
GetCharABCWidthsFloatA
GetPixel
GetStockObject
UpdateColors
CreateSolidBrush
ExtCreatePen
TranslateCharsetInfo
SetTextColor
GetCharacterPlacementW
GetDeviceCaps
SetDIBColorTable
ExcludeClipRect
CreateCompatibleDC
SetMapMode
GetObjectType
SelectPalette
RectVisible
RoundRect
IntersectClipRect
ExtTextOutA
RestoreDC
CreatePenIndirect

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegLoadKeyW
GetUserNameA
StartServiceW
RegQueryInfoKeyW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegUnLoadKeyW
ControlService
GetLengthSid
AllocateAndInitializeSid
RegGetKeySecurity
InitializeSecurityDescriptor
EqualSid

shell32

ShellExecuteExW
Shell_NotifyIconW
CommandLineToArgvW
ShellExecuteW

ole32

CoInitialize

oleaut32

SysAllocStringLen
VariantInit
SafeArrayCreate
VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
VariantChangeType
SysReAllocStringLen

Sections

.text
Size: 627KB - Virtual size: 627KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bzim
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd353b92daf2560d99c2895be487783b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 627KB - Virtual size: 627KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.bzim Size: 3KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 627KB - Virtual size: 627KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.bzim
Size: 3KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB