2024-09-19_41c31fd977c7383129bd3bc8224d08c1_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-09-19_41c31fd977c7383129bd3bc8224d08c1_bkransomware
Size

1.3MB
MD5

41c31fd977c7383129bd3bc8224d08c1
SHA1

4873a4599dc010308a175431a294e6f654390d0f
SHA256

b1b97d1c4d64d4a9c48ba23a7fc6e9714685bfc9717ee7676f88f880d94a9e71
SHA512

0b5787f8a389813c055061766e416bd284273bfd0222b7eb78424d514744fe4fcac5853948153539ba3b3bdb81d7911b9beb2dcfaf5cd9e4eea9f8541ee0d318
SSDEEP

24576:KB1w0r6BUC+aS+S83anSnhpY/Gv2C+ptFPH:KgBUl+SNSn39v2FptFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-19_41c31fd977c7383129bd3bc8224d08c1_bkransomware

Files

2024-09-19_41c31fd977c7383129bd3bc8224d08c1_bkransomware
.exe windows:5 windows x86 arch:x86

91d01babfb14efd47c76abc03168a79e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GlobalSize
WideCharToMultiByte
SetEndOfFile
HeapSize
WriteConsoleW
HeapReAlloc
FlushFileBuffers
SetStdHandle
OutputDebugStringW
LCMapStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetConsoleCP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
DeleteCriticalSection
GetFileType
SetFilePointerEx
ReadConsoleW
GetConsoleMode
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
GetProcessHeap
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
DeleteFileW
ExitThread
CreateThread
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
HeapAlloc
HeapFree
LoadLibraryExA
FreeLibrary
RaiseException
GetTempPathW
GetModuleFileNameW
GetTickCount
SetFilePointer
ReadFile
WritePrivateProfileStringW
GetLastError
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileStringW
GetPrivateProfileIntW
CloseHandle
WaitForSingleObject
ResumeThread
GetCurrentProcess
GetLocalTime
GetProcessAffinityMask
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
MulDiv
GetCurrentThreadId
VerifyVersionInfoW
GetModuleHandleA
VerSetConditionMask
GetModuleHandleW
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
GetProcAddress

user32

GetIconInfo
GetWindowThreadProcessId
IsRectEmpty
WindowFromPoint
GetCursor
GetCursorPos
IsZoomed
AttachThreadInput
SystemParametersInfoA
LoadCursorW
FindWindowW
IntersectRect
SetCursor
ShowCursor
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
DestroyIcon
LoadIconW
SetParent
ClientToScreen
MessageBeep
SetActiveWindow
UpdateWindow
LoadMenuW
EnableWindow
KillTimer
SetTimer
GetKeyState
CreateDialogParamW
BringWindowToTop
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
ScreenToClient
PostMessageW
SetRect
SetWindowTextW
SetFocus
SendDlgItemMessageW
SetDlgItemTextW
EndDialog
LoadStringW
DrawIconEx
LoadImageW
GetClassNameW
EnumChildWindows
GetParent
SetWindowLongW
GetWindowLongW
OffsetRect
InflateRect
CopyRect
FrameRect
FillRect
DrawFocusRect
GetSysColor
MessageBoxW
GetWindowRect
GetClientRect
GetWindowTextW
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
DrawTextExW
DrawTextW
TrackPopupMenu
GetSubMenu
DestroyMenu
GetSystemMetrics
IsWindowEnabled
GetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
DrawFrameControl
DrawEdge
SystemParametersInfoW
RedrawWindow
SendMessageW
PostQuitMessage

gdi32

CreateFontIndirectW
CreatePen
CreateSolidBrush
GetDeviceCaps
GetStockObject
GetTextExtentPoint32W
Rectangle
SelectObject
SetBkColor
SetBkMode
CreatePalette
CreateCompatibleDC
GetSystemPaletteEntries
CreateDCW
DeleteDC
GetClipBox
RealizePalette
SelectPalette
StretchDIBits
SetStretchBltMode
GetDCOrgEx
GetDIBits
GetObjectW
CreateCompatibleBitmap
BitBlt
SetTextColor
DeleteObject

comctl32

ord412
ord410
ord413

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91d01babfb14efd47c76abc03168a79e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 320KB - Virtual size: 320KB

.rdata Size: 208KB - Virtual size: 208KB

.data Size: 8KB - Virtual size: 25KB

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 320KB - Virtual size: 320KB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 8KB - Virtual size: 25KB

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 14KB - Virtual size: 14KB