Static task: static1
Behavioral task: behavioral1
Sample: 2024-09-20_478ea0fd993e7d0f5a7e48afdc909c01_bkransomware.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2024-09-20_478ea0fd993e7d0f5a7e48afdc909c01_bkransomware.exe
Resource: win10v2004-20240802-en
General
Target: 2024-09-20_478ea0fd993e7d0f5a7e48afdc909c01_bkransomware
Size: 9.9MB
MD5: 478ea0fd993e7d0f5a7e48afdc909c01
SHA1: 3679f47009e185ef3991da673431db981aaa2514
SHA256: 981172e007c0368870f4a618655017aa1c888a4635db5abf96c439ec8dd2ba63
SHA512: cafcc1af30be240b0009efc0e975911e744bc5cac742915ba68a21d2da820bc7cb9eddac5fe3d135a04b838a47689db0634fd8776881284c16276d29b5a44e8c
SSDEEP: 196608:jdnKyqjsVK3FfLXvo/Il5w6WxYy54RRoWQrINC2cm7:jR6jtLXQ/2DkORoWQrIdd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-09-20_478ea0fd993e7d0f5a7e48afdc909c01_bkransomware
Files
2024-09-20_478ea0fd993e7d0f5a7e48afdc909c01_bkransomware.exe windows:6 windows x86 arch:x86
aff4a24b08daeafd17241b6f68e44596
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
patterncomm
_PatternHttpQueryHeaders@24
_PatternHttpReadData@16
_PatternHttpQueryDataAvailable@8
_PatternHttpReceiveResponse@8
_PatternHttpSendRequest@28
_PatternHttpCloseRequest@4
_PatternHttpOpenRequest@28
_PatternHttpCloseConnect@4
_PatternHttpConnect@16
_PatternHttpCloseSession@4
_PatternHttpOpenSession@24
_PatternHttpCrackUrl@16
shell32
SHFileOperationW
DragAcceptFiles
SHGetFolderPathW
ShellExecuteW
DragQueryFileW
DragFinish
SHGetFileInfoW
SHAddToRecentDocs
ExtractIconW
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteExW
mathlib
?MatrixRect@@YAXAAUtag_XFORM@@AAVCRect@@@Z
?MatrixPoint@@YAXAAUtag_XFORM@@AAUtagPOINT@@@Z
?LenAB@@YANPAUtag_POINT@@0@Z
?PtInBzrAndGetIndex@@YAHPAUtagPOINT@@HU1@AAHNNH@Z
?TwoPtLine@@YAHAAUtag_POINT@@0AAU_LineForm@@@Z
?TwoLineIts@@YAHAAU_LineForm@@0AAUtag_POINT@@@Z
?TwoPtRect@@YA?AUtag_RECT@@AAUtag_POINT@@0@Z
?PtInRect@@YAHAAUtag_RECT@@AAUtag_POINT@@@Z
?MatrixInvert@@YAXAAUtag_XFORM@@0@Z
?MatrixScale@@YAXNNNNAAUtag_XFORM@@@Z
?MatrixMove@@YAXNNAAUtag_XFORM@@@Z
?MatrixNorm@@YAXAAUtag_XFORM@@@Z
?PtInRect@@YAHAAUtagRECT@@AAUtagPOINT@@@Z
?MatrixMul@@YA?AUtag_XFORM@@AAU1@0@Z
?MatrixRotate@@YAXNNNAAUtag_XFORM@@@Z
?LenAB@@YANAAUtagPOINT@@0@Z
?PtLineDist@@YANU_LineForm@@AAUtagPOINT@@@Z
?CalcAngle@@YANAAVCPoint@@0@Z
?angle15@@YANN@Z
?IsMatrixNorm@@YA_NAAUtag_XFORM@@@Z
?MatrixPoint@@YAXAAUtag_XFORM@@AAUtag_POINT@@@Z
?MatrixShear@@YAXNNNNAAUtag_XFORM@@@Z
?GetBzrHullRect@@YA?AUtagRECT@@AAUtagPOINT@@000@Z
?PtInBzr@@YAHPAUtagPOINT@@HU1@NNH@Z
kernel32
GetCommandLineW
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
CreateThread
ExitThread
ExitProcess
GetModuleHandleExW
SetStdHandle
GetFileType
HeapQueryInformation
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetUserDefaultUILanguage
FindResourceExW
GetProfileIntW
GlobalFlags
FileTimeToSystemTime
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFileAttributesW
GetDiskFreeSpaceW
CompareStringA
GetCurrentThread
lstrcmpA
GetThreadLocale
GetStringTypeExW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
FlushFileBuffers
ResumeThread
GetWindowsDirectoryW
GlobalGetAtomNameW
GetCurrentProcessId
CopyFileW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryA
GetModuleHandleA
VirtualProtect
SetLastError
GetCurrentDirectoryW
FormatMessageW
LocalFree
LocalAlloc
WriteFile
lstrcpynW
HeapSize
HeapReAlloc
RaiseException
DecodePointer
ReadFile
GetVersion
Sleep
MoveFileW
lstrlenW
SetCurrentDirectoryW
GetComputerNameW
GetLocalTime
OutputDebugStringW
CreateDirectoryW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
OutputDebugStringA
GetFileSize
CreateFileW
CreateSemaphoreW
GetTempPathW
GetTempFileNameW
DeleteFileW
LoadLibraryW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetVersionExW
GetTickCount
OpenEventW
CreateEventW
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
WaitForSingleObject
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
lstrcpyW
GetModuleFileNameW
FindNextFileW
FindFirstFileW
FindClose
MulDiv
GetProcessHeap
HeapFree
HeapAlloc
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
VerifyVersionInfoW
VerSetConditionMask
SetThreadPriority
SetErrorMode
lstrlenA
SearchPathW
user32
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
CharNextW
PostThreadMessageW
CopyImage
RealChildWindowFromPoint
IsZoomed
MonitorFromPoint
GetMenuItemInfoW
WaitMessage
SetWindowContextHelpId
RegisterClipboardFormatW
ShowOwnedPopups
SetWindowRgn
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
TranslateMessage
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
IsIconic
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
RemoveMenu
InsertMenuW
GetMenuStringW
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
ScrollWindowEx
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetLastActivePopup
GetWindowTextLengthW
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
GetMenuItemID
SetMenu
GetMenu
SetWindowPlacement
GetWindowPlacement
GetClassInfoExW
GetMessageTime
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SendDlgItemMessageA
UnhookWindowsHookEx
MapDialogRect
RemovePropW
GetPropW
SetPropW
SetActiveWindow
IsWindowEnabled
EnumDisplayMonitors
SetFocus
ShowScrollBar
SystemParametersInfoW
DefWindowProcW
DrawFrameControl
BringWindowToTop
RegisterWindowMessageW
CreateMenu
ClipCursor
GetMenuItemCount
EnableMenuItem
CheckMenuItem
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
UnregisterClassW
SetForegroundWindow
ModifyMenuW
GetSystemMenu
GetTopWindow
GetClassNameW
CreatePopupMenu
SetWindowPos
DrawIcon
AppendMenuW
GetMenuState
DrawEdge
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
PostQuitMessage
DeferWindowPos
GetDesktopWindow
PeekMessageW
GetDlgItem
DeleteMenu
GetMessagePos
GetWindowTextW
ShowWindow
CreateWindowExW
IntersectRect
SetRect
MapWindowPoints
SetCursorPos
ScrollDC
MessageBoxW
EnumDisplaySettingsW
ChangeDisplaySettingsW
LoadStringW
DestroyWindow
UnionRect
UpdateWindow
LockWindowUpdate
LoadBitmapW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetIconInfo
TrackMouseEvent
NotifyWinEvent
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
CreateIconIndirect
LoadImageW
DestroyIcon
DestroyCursor
DrawFocusRect
TabbedTextOutW
DrawStateW
GrayStringW
DrawTextExW
TrackPopupMenuEx
GetSubMenu
DestroyMenu
LoadMenuW
GetActiveWindow
GetNextDlgTabItem
UpdateLayeredWindow
EnableScrollBar
HideCaret
InvertRect
IsClipboardFormatAvailable
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
RedrawWindow
GetDCEx
EndDeferWindowPos
BeginDeferWindowPos
wsprintfW
GetClassLongW
EqualRect
InflateRect
WindowFromPoint
ClientToScreen
ReleaseCapture
GetWindowRgn
SetClassLongW
SubtractRect
GetUpdateRect
GetDoubleClickTime
MapVirtualKeyExW
IsCharLowerW
GetComboBoxInfo
CopyIcon
CharUpperBuffW
GetAsyncKeyState
SendMessageW
EnableWindow
LoadIconW
OffsetRect
PtInRect
DrawTextW
GetSysColor
FillRect
FrameRect
CopyRect
PostMessageW
IsWindow
GetKeyState
SetTimer
KillTimer
GetDC
ReleaseDC
GetClientRect
SetCursor
GetCursorPos
ScreenToClient
LoadCursorW
CallWindowProcW
InvalidateRect
GetWindowLongW
SetWindowLongW
GetParent
IsWindowVisible
GetFocus
GetCapture
GetSystemMetrics
GetWindowRect
GetSysColorBrush
SetRectEmpty
IsRectEmpty
SetParent
GetWindow
DrawIconEx
GetMessageW
DispatchMessageW
IsChild
GetDlgCtrlID
SetCapture
gdi32
GetCurrentObject
GetDeviceCaps
GetMapMode
GetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
SetBitmapBits
SetDIBitsToDevice
CreateDIBSection
BeginPath
EndPath
PathToRegion
GetObjectW
DPtoLP
LPtoDP
GetTextExtentPoint32W
SelectObject
ExtTextOutW
GetStockObject
PatBlt
CreateBitmap
DeleteDC
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ArcTo
GetBitmapBits
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
SetRectRgn
GetCharWidthW
GetTextFaceW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreatePolygonRgn
RoundRect
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
SetPixelV
IntersectClipRect
GetObjectType
FillRgn
DeleteObject
CreateHatchBrush
CreateBitmapIndirect
CombineRgn
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
Polygon
GetROP2
CreateSolidBrush
CreateFontW
GetTextColor
GetBkColor
PolyBezier
Polyline
ExtCreatePen
Rectangle
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
BitBlt
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
CreatePatternBrush
CreateDCW
CopyMetaFileW
StrokeAndFillPath
SetStretchBltMode
SetDIBits
GetDIBits
GetTextMetricsW
EnumFontFamiliesExW
StretchBlt
PtInRegion
OffsetRgn
GetRgnBox
GetBkMode
CreateEllipticRgn
MoveToEx
StretchDIBits
LineTo
SetBrushOrgEx
GetViewportOrgEx
GetRegionData
GetGlyphOutlineW
GetBitmapDimensionEx
CreateRectRgn
SetDIBColorTable
CreateFontIndirectW
SetDCBrushColor
Ellipse
TextOutW
SetTextColor
SetPixel
SetBkColor
RectVisible
PtVisible
GetPixel
Escape
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
GetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegSetValueW
SetFileSecurityW
RegCloseKey
RegQueryValueW
RegEnumKeyW
comctl32
ImageList_GetImageCount
_TrackMouseEvent
ImageList_AddMasked
InitCommonControlsEx
ImageList_SetImageCount
ImageList_Add
ImageList_Draw
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_GetBkColor
shlwapi
PathFindExtensionW
PathFileExistsW
StrCpyW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
PathIsDirectoryW
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
ole32
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
OleRun
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoCreateGuid
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
RevokeDragDrop
RegisterDragDrop
DoDragDrop
OleGetClipboard
CoLockObjectExternal
OleLockRunning
CreateILockBytesOnHGlobal
CoRevokeClassObject
IsAccelerator
oleaut32
LoadTypeLi
OleCreateFontIndirect
SafeArrayDestroy
SysStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
SysAllocStringLen
VariantCopy
VariantInit
VarBstrFromDate
VariantClear
SysFreeString
SysAllocString
GetErrorInfo
oledlg
OleUIBusyW
gdiplus
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
winmm
PlaySoundW
ws2_32
WSASetLastError
WSACleanup
WSAStartup
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
.text Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 726KB - Virtual size: 725KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 100KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 828KB - Virtual size: 832KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE