2024-09-25_3b8c6c236055e3cd2d6effe0c9d0c4db_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-25_3b8c6c236055e3cd2d6effe0c9d0c4db_bkransomware
Size

6.6MB
MD5

3b8c6c236055e3cd2d6effe0c9d0c4db
SHA1

7aefe2e1b877a336fbe1dee1e46c0eb704530f06
SHA256

bd5f3e2665a64954bedb5ab62b33615dce4aa2cc93bad78f6163c15f32db4e37
SHA512

6539952952576b2f17e5fb258985cd8a84a7dc23aa3f1b6dfd8f64e94100172ca5b4093f749b937d20869a8bcdf053bbb3e54d49f70e4f0416ac966a2c3725c8
SSDEEP

196608:1wfwJPaDFUGjjWf0fpgH00U8dWEISfLhIE6VXlt4:JPTfWCH/1Z8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-25_3b8c6c236055e3cd2d6effe0c9d0c4db_bkransomware

Files

2024-09-25_3b8c6c236055e3cd2d6effe0c9d0c4db_bkransomware
.exe windows:6 windows x86 arch:x86

5df00934ba592490ae78bd5680dd3a78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
RaiseException
FindFirstFileA
GetCPInfoExW
IsValidCodePage
CreateEventW
RemoveDirectoryW
GetSystemInfo
EnumResourceTypesW
FindNextFileA
IsDebuggerPresent
FindNextFileW
GetStringTypeW
GetUserDefaultUILanguage
GetThreadTimes
OpenFileMappingA
LocalFree
GetSystemTime
SuspendThread
ResumeThread
lstrcpyW
VirtualAlloc
GetFullPathNameW
GetTempFileNameW
GlobalMemoryStatus
FindFirstFileW
RtlCaptureContext
UnmapViewOfFile
GetDriveTypeW
GetCPInfo
VerSetConditionMask
GetCurrentProcess
CompareFileTime
SetEnvironmentVariableW
GlobalLock
GetUserDefaultLCID
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetCommandLineA
OpenProcess
WideCharToMultiByte
LoadLibraryW
SizeofResource
GetVersionExW
lstrcpynW
TerminateProcess
GetOverlappedResult
GetStartupInfoW
GlobalUnlock
VerifyVersionInfoW
SetThreadLocale
FlushFileBuffers
EnterCriticalSection
LockResource
DeviceIoControl
GetModuleFileNameA
GetOEMCP
GetThreadPriority
GetModuleHandleA
DeleteFileW
GetCurrentProcessId
EnumSystemLocalesW
ExpandEnvironmentStringsW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
FreeLibraryAndExitThread
FreeLibrary
OutputDebugStringW
FreeEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetFileType
GetStdHandle
GetProcessHeap
HeapAlloc
CreateFileW
HeapSize
MultiByteToWideChar
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
WritePrivateProfileStringW
GetACP
GetTimeZoneInformation
IsProcessorFeaturePresent
HeapCreate
CreateEventA
ReadProcessMemory
Sleep
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetSystemDirectoryW
TlsSetValue
GetUserDefaultLangID
ClearCommBreak
VirtualFree
SetCommBreak
GetTickCount
GetEnvironmentStringsW
GetLogicalDrives
InitializeSListHead
SystemTimeToFileTime
FindResourceW
SetErrorMode
SetEndOfFile
GetSystemDefaultUILanguage
VirtualQuery
TlsGetValue
SetFilePointer
CreateFileA
GetDateFormatW
EncodePointer
GetCommandLineW
SetLastError
ExitProcess
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
CloseHandle
DuplicateHandle
WaitForSingleObject
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
LeaveCriticalSection
DeleteCriticalSection
DecodePointer
GetLastError
HeapReAlloc
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
HeapFree

user32

GetDlgCtrlID
CheckMenuItem
MapWindowPoints
GetMessageW
AttachThreadInput
CharLowerBuffW
DrawTextExW
GetMenuItemInfoW
ModifyMenuW
MessageBoxA
SystemParametersInfoW
GetClassNameW
SetWindowLongW
DestroyCursor
ShowWindow
EnableScrollBar
GetKeyboardType
CreateWindowExW
SetDlgItemTextW
SendMessageW
UpdateWindow
DestroyIcon
DrawFrameControl
GetWindowThreadProcessId
GetWindow
GetSubMenu
InflateRect
GetMonitorInfoW
CharUpperBuffW
CharNextW
LoadStringA
GetMenuStringW
GetDC
SetDlgItemInt
SendDlgItemMessageW
GetDesktopWindow
MessageBoxW
DrawFocusRect

gdi32

Polygon
StretchBlt
GetRegionData
Ellipse
GetCharABCWidthsW
SetViewportExtEx
SetWinMetaFileBits
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
SetWindowExtEx
SetTextColor
CreateFontIndirectW
ExtCreateRegion
SetPolyFillMode
CreatePolygonRgn

comdlg32

GetOpenFileNameW

advapi32

RegEnumKeyExW
RegOpenKeyExW
ChangeServiceConfigW
StartServiceW
RegDeleteKeyA
RegSetValueExW
RegCloseKey
RegSetKeySecurity
RegGetKeySecurity
SetSecurityDescriptorDacl
RegQueryValueExW
OpenServiceW
OpenProcessToken
AdjustTokenPrivileges

shell32

ShellExecuteExW
SHGetFileInfoW

ole32

CoTaskMemFree
CoInitialize

oleaut32

SysFreeString
SysAllocStringLen
SafeArrayPtrOfIndex
VariantChangeType
SysReAllocStringLen

Sections

.text
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ojob
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df00934ba592490ae78bd5680dd3a78

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 612KB - Virtual size: 612KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 6KB - Virtual size: 6KB

.ojob Size: 2KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 612KB - Virtual size: 612KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 6KB - Virtual size: 6KB

.ojob
Size: 2KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB