2024-09-18_5c3a53946465cd241e866b40c9207a1a_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-18_5c3a53946465cd241e866b40c9207a1a_bkransomware
Size

6.7MB
MD5

5c3a53946465cd241e866b40c9207a1a
SHA1

f96661b3fae581f09d5b70d943f60c428dbe71c2
SHA256

8e062ad04a8018257b770a386f257079a8f3b763b196ad624b1bdead54023cf9
SHA512

77b9441c2b58da7fa8372b7b818f7ca5bef964b98c495854fda79b080a11f2f0d6a0a7a8f358e5f75b8748a471c6d9484485338b03094ffe51d4fceadea2fd00
SSDEEP

196608:olnf71MOfwlKmDeE2mcKeWX/hNWdL+F1:o5miuImceX5NK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-18_5c3a53946465cd241e866b40c9207a1a_bkransomware

Files

2024-09-18_5c3a53946465cd241e866b40c9207a1a_bkransomware
.exe windows:6 windows x86 arch:x86

de3c0fc56f1e8838066a3aeacc322388

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
CreateFileA
GetFileSize
GlobalMemoryStatus
FindFirstFileW
SetEndOfFile
FindResourceW
FreeLibrary
LoadResource
SystemTimeToTzSpecificLocalTime
GetCommState
CompareFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
CreateDirectoryW
GetUserDefaultLCID
SetCommBreak
ExpandEnvironmentStringsA
GetPrivateProfileStringW
GetWindowsDirectoryA
VirtualQueryEx
SetCommState
SetCommTimeouts
GetConsoleCP
GetSystemDirectoryW
IsValidLocale
GetLocaleInfoW
Sleep
ReadProcessMemory
GetSystemTimeAdjustment
lstrcpynW
IsProcessorFeaturePresent
CreateProcessA
FileTimeToSystemTime
GetTimeZoneInformation
SetThreadPriority
FlushFileBuffers
GetTempPathW
VerifyVersionInfoW
GetLastError
LoadLibraryA
CreateEventW
QueryDosDeviceW
DeviceIoControl
GetModuleFileNameA
GetOEMCP
CloseHandle
FileTimeToLocalFileTime
GetVersion
EncodePointer
GetSystemTime
SuspendThread
SwitchToThread
SetStdHandle
LoadLibraryW
SetFilePointerEx
GetConsoleMode
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetStdHandle
GetCPInfo
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
ExitProcess
ExpandEnvironmentStringsW
DeleteCriticalSection
FindNextFileW
FindNextFileA
CreatePipe
RemoveDirectoryW
GetFileType
CreateFileMappingA
GetDiskFreeSpaceW
GlobalFree
FindFirstFileA
WritePrivateProfileStringW
GetACP
CompareStringW
CreateFileW
GetSystemDirectoryA
GetFileAttributesW
HeapDestroy
GetUserDefaultLangID
ClearCommBreak
ConnectNamedPipe
GetLogicalDrives
SignalObjectAndWait
GetCurrentProcess
WaitNamedPipeA
LoadLibraryExW
SetErrorMode
VirtualQuery
GetLocaleInfoA
SetFilePointer
GetDateFormatW
LocalFree
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
WaitForSingleObjectEx
SetEvent
DuplicateHandle
WaitForSingleObject
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DecodePointer
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
HeapFree
CreateTimerQueue
WriteConsoleW

user32

GetMessageW
IsIconic
GetKeyState
DrawFocusRect
GetMenu
MessageBoxA
SystemParametersInfoW
MonitorFromWindow
ShowWindow
DrawMenuBar
CreateWindowExW
BeginDeferWindowPos
GetDlgItemTextW
ValidateRgn
SendMessageW
GetWindowLongW
DrawFrameControl
GetWindow
ClientToScreen
GetDlgItemInt
DestroyAcceleratorTable
CharUpperBuffW
PostMessageW
LoadStringA
EnumWindows
GetDC
SetDlgItemInt
LoadMenuW
GetClassNameW
CharUpperW
SetWindowLongW
SendDlgItemMessageW
GetDesktopWindow
EnumChildWindows
EnableScrollBar
MessageBoxW
SetDlgItemTextW
MapWindowPoints
DestroyMenu
GetDlgCtrlID
SetMenuItemInfoW
CheckMenuItem
UpdateWindow

gdi32

CreatePolygonRgn
SetLayout
SetWindowExtEx
CreateHatchBrush
SetPolyFillMode
GetCharABCWidthsW
SetViewportExtEx
SetViewportOrgEx
SetTextColor
Polygon
CreateFontIndirectW
StretchBlt
RectInRegion
OffsetRgn
ExtCreateRegion
SetStretchBltMode
SetROP2

comdlg32

FindTextW

advapi32

RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
StartServiceW
RegGetKeySecurity
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegConnectRegistryW
RegOpenKeyExA
SetSecurityDescriptorDacl
RegQueryValueExW

shell32

ShellExecuteExW
ExtractIconExW
SHGetFileInfoW

oleaut32

SafeArrayPtrOfIndex
SafeArrayGetLBound
SysReAllocStringLen
SysFreeString
VariantChangeType
SysAllocStringLen

Sections

.text
Size: 687KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zqpuP
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3c0fc56f1e8838066a3aeacc322388

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 687KB - Virtual size: 687KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.zqpuP Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 687KB - Virtual size: 687KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.zqpuP
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB