2024-09-07_264d769ba07d432f7bb2275d77affff9_bkransomware_chir

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-07_264d769ba07d432f7bb2275d77affff9_bkransomware_chir
Size

2.0MB
MD5

264d769ba07d432f7bb2275d77affff9
SHA1

4db2f48c52e420e7618c51e00708b648eb9fbbd6
SHA256

74f52a5f5fecf6c19140aacfea94b79cfa093711b4092a434038eceb0c291b69
SHA512

0c97bf35ddc1da2cf1fa4b6955d895efe5d0104f10d26beac7bf440eaf0063551eba4eba896a20c54bbb6f82666f7c248e8d466a81d6b251ff664e04f44cf36e
SSDEEP

49152:J46GhVvj4jwCcxbF627GTzChoF9x/rKCXcQNd7vPVDZC:J8VvawCcxY27GmhoF9xTJXcQNd7vPV

Score

1^/10

Malware Config

Signatures

Files

2024-09-07_264d769ba07d432f7bb2275d77affff9_bkransomware_chir
.exe windows:5 windows x86 arch:x86

7619a6d4836d8576d3df38fa4bc8ee12

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:ba:e5:32:00:4d:74:d7:97:a7:06:58
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

25/08/2021, 01:50

Not After

30/09/2022, 05:46

Subject

SERIALNUMBER=110111-0725064,CN=HANCOM. INC\,,O=HANCOM. INC\,,STREET=49\, Daewangpangyo-ro 644beon-gil\, Bundang-gu,L=Seongnam-si,ST=Gyeonggi-do,C=KR,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

28/01/2021, 11:08

Not After

01/03/2032, 11:08

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

db:38:4e:7d:7a:9b:52:da:9b:ac:87:d1:30:91:6d:d3:d7:22:f2:ad:f4:ef:fc:da:85:09:42:76:22:74:e7:f8
Signer

Actual PE Digest

db:38:4e:7d:7a:9b:52:da:9b:ac:87:d1:30:91:6d:d3:d7:22:f2:ad:f4:ef:fc:da:85:09:42:76:22:74:e7:f8

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\HncUtils\install\HOffice90\HConfig_NEO\Release\HConfig96.pdb

Imports

kernel32

SetEnvironmentVariableA
OutputDebugStringW
GetStringTypeW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetLastError
GetStdHandle
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetFileType
SetStdHandle
ExitThread
CreateThread
RtlUnwind
GetModuleHandleExW
ExitProcess
GetDriveTypeW
IsDebuggerPresent
GetCommandLineW
FindResourceExW
VirtualProtect
GetWindowsDirectoryW
Sleep
GetProfileIntW
GetTickCount
GetTempFileNameW
SearchPathW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetFileSize
GetFileAttributesW
CreateFileW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetUserDefaultUILanguage
IsProcessorFeaturePresent
LCMapStringW
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GetThreadLocale
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
FileTimeToSystemTime
FindNextFileW
FileTimeToLocalFileTime
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
FreeResource
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetCurrentThreadId
GetCurrentThread
WideCharToMultiByte
SetLastError
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FreeLibrary
LoadLibraryExW
CloseHandle
GetCurrentProcess
GetModuleHandleW
GetProcAddress
WaitForSingleObject
GetThreadUILanguage
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetTempPathW
FindClose
GetLocaleInfoEx
LocaleNameToLCID
FindFirstFileW
CopyFileW
lstrlenW
lstrcatW
LocalFree
FormatMessageW
MultiByteToWideChar
GetModuleFileNameW
lstrcpyW
DeleteFileW
GetVersionExW
GlobalAddAtomW
LoadLibraryW
FindResourceW
LoadResource
LockResource
SizeofResource
WriteConsoleW

user32

UpdateLayeredWindow
CharUpperBuffW
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnionRect
GetNextDlgGroupItem
SetRect
InvalidateRgn
CharNextW
SetClassLongW
LockWindowUpdate
RegisterClipboardFormatW
EnumChildWindows
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
WaitMessage
PostThreadMessageW
ModifyMenuW
IsMenu
NotifyWinEvent
WindowFromPoint
SetWindowRgn
GetAsyncKeyState
CharUpperW
TrackMouseEvent
IsRectEmpty
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
DestroyIcon
SetRectEmpty
InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
InvalidateRect
RealChildWindowFromPoint
DeleteMenu
CopyImage
GetSysColorBrush
IntersectRect
ClientToScreen
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
EnableScrollBar
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
PeekMessageW
GetMessageW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
UnhookWindowsHookEx
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
OffsetRect
MessageBeep
IsZoomed
PostQuitMessage
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
GetWindowRgn
DestroyCursor
CreateMenu
GetDoubleClickTime
GetSubMenu
GetMenuState
GetMenuStringW
InvertRect
HideCaret
GetIconInfo
GetUpdateRect
SetScrollInfo
SubtractRect
IsWindowVisible
KillTimer
FrameRect
FillRect
GetSysColor
SetTimer
SetCapture
GetCapture
InflateRect
ReleaseDC
GetDC
ReleaseCapture
CallWindowProcW
CopyRect
GetComboBoxInfo
SetWindowLongW
LoadCursorW
IsWindow
SystemParametersInfoW
UnregisterClassW
RedrawWindow
LoadStringW
wsprintfW
LoadBitmapW
PtInRect
GetWindowLongW
PostMessageW
GetParent
DispatchMessageW
TranslateMessage
UnregisterHotKey
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
GetWindowRect
SendMessageW
AppendMenuW
GetSystemMenu
RegisterHotKey
LoadImageW
LoadIconW
EnableWindow
FindWindowW
MessageBoxW
EndPaint

gdi32

SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetTextMetricsW
GetDIBits
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
GetRgnBox
OffsetRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
GetMapMode
ExtFloodFill
SetPaletteEntries
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetTextFaceW
SetPixelV
SetBkMode
SelectPalette
SelectObject
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
RoundRect
GetObjectW
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
ExtTextOutW
GetTextExtentPoint32W
BitBlt
SetTextColor
SetBkColor
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetBkColor
GetTextColor
DeleteDC
CreateSolidBrush
GetStockObject
EnumFontFamiliesExW
CreateCompatibleDC
CreateFontIndirectW
SetMapMode

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

CryptImportKey
RegEnumKeyExW
RegDeleteTreeW
RegEnumKeyW
RegDeleteKeyW
RegSetValueW
RegEnumValueW
RegQueryValueW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyW
CryptAcquireContextW
RegSetValueExW
RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptSetKeyParam

shell32

SHGetDesktopFolder
SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathW
SHGetMalloc
SHAppBarMessage
DragFinish
DragQueryFileW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFileExistsW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
SetWindowTheme
DrawThemeText
DrawThemeParentBackground
GetThemePartSize
CloseThemeData
IsAppThemed
OpenThemeData
GetThemeColor
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground

ole32

StgCreateDocfileOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleUninitialize
OleInitialize
CoUninitialize
CoCreateInstance
CoInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemFree
OleCreateMenuDescriptor
CoFreeUnusedLibraries
OleLockRunning
OleGetClipboard
DoDragDrop

oleaut32

SysFreeString
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString

oledlg

OleUIBusyW

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7619a6d4836d8576d3df38fa4bc8ee12

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

7a:ba:e5:32:00:4d:74:d7:97:a7:06:58Certificate

Extended Key Usages

Key Usages

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

db:38:4e:7d:7a:9b:52:da:9b:ac:87:d1:30:91:6d:d3:d7:22:f2:ad:f4:ef:fc:da:85:09:42:76:22:74:e7:f8Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 365KB - Virtual size: 365KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 39KB - Virtual size: 39KB

.reloc Size: 148KB - Virtual size: 148KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

7a:ba:e5:32:00:4d:74:d7:97:a7:06:58
Certificate

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

db:38:4e:7d:7a:9b:52:da:9b:ac:87:d1:30:91:6d:d3:d7:22:f2:ad:f4:ef:fc:da:85:09:42:76:22:74:e7:f8
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 365KB - Virtual size: 365KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 148KB - Virtual size: 148KB