D:\Pierre\Viewer\XnView\project\Win32_Release\XnViewClassic\xnview.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-01_9f18f0e0d965c70d0ab58aba70631470_bkransomware.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2024-10-01_9f18f0e0d965c70d0ab58aba70631470_bkransomware.exe
Resource
win10v2004-20240802-en
General
Target
2024-10-01_9f18f0e0d965c70d0ab58aba70631470_bkransomware
Size
5.0MB
MD5
9f18f0e0d965c70d0ab58aba70631470
SHA1
d78b2d5afb323ba211c04c53ab8b4a211b777e1e
SHA256
7b6db38fc3412cc6faa616cae962f3000034eb620b74ff9585eb5cfca826f021
SHA512
ce8786c75cdb81bdb094c62aca469c90916be1007a919fb688d6769330f008f550b43094c1d98ed0e3e7d1298323f84fa103871547bb09b77bf91ed10fc7c125
SSDEEP
98304:LW3NyQqiIrBE+JM3tLftwSoNnRcdK0h+USRipj7l2z8lgm:LiNhqiIrBE+OtLAidKhQzl1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-10-01_9f18f0e0d965c70d0ab58aba70631470_bkransomware
Files
2024-10-01_9f18f0e0d965c70d0ab58aba70631470_bkransomware.exe windows:5 windows x86 arch:x86
ccb96c87597fecdabd378cd42d5ad74b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
DragFinish
DragQueryFileW
SHGetPathFromIDListW
ExtractIconA
SHChangeNotify
ord16
ord17
ord18
ord195
ExtractIconExA
DragAcceptFiles
SHGetDesktopFolder
ord155
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA
DragQueryFileA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
comctl32
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_DragMove
ImageList_EndDrag
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ord6
InitCommonControlsEx
ImageList_Create
ImageList_AddMasked
ImageList_Add
_TrackMouseEvent
ImageList_Destroy
ImageList_Draw
ImageList_DragLeave
avifil32
AVIFileExit
AVIStreamRelease
AVIFileInit
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIMakeCompressedStream
msvfw32
MCIWndCreateA
ICClose
ICOpen
ICSendMessage
ICGetInfo
ICInfo
winmm
mciSendCommandA
kernel32
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
DosDateTimeToFileTime
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
InterlockedIncrement
InterlockedDecrement
SetEvent
CreateEventA
ResetEvent
GetLocalTime
lstrcpyW
SetPriorityClass
PeekNamedPipe
GetDriveTypeA
GetExitCodeProcess
MulDiv
CreateProcessA
GetACP
GetShortPathNameA
SetCurrentDirectoryA
GetStartupInfoA
GetLongPathNameA
CreatePipe
GetModuleFileNameA
FindNextFileA
GetCurrentDirectoryA
SetThreadPriority
CreateThread
MoveFileExA
CompareFileTime
ExpandEnvironmentStringsA
SetFileTime
CopyFileA
GetTempFileNameA
MoveFileA
GetFileTime
GetLocaleInfoA
SystemTimeToTzSpecificLocalTime
FindCloseChangeNotification
GetNumberFormatA
GetDateFormatA
WaitForMultipleObjectsEx
FindNextChangeNotification
GetFileAttributesExW
lstrcmpW
CompareStringA
lstrlenA
CreateDirectoryA
LocalAlloc
GetModuleHandleA
CopyFileW
GlobalSize
FindResourceA
LoadResource
LockResource
GlobalReAlloc
LoadLibraryExA
SizeofResource
EnumResourceNamesA
GetProfileIntA
SearchPathA
QueryPerformanceFrequency
GetModuleFileNameW
GetWindowsDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcpynA
SetLastError
GetProfileStringA
lstrcpyA
lstrcatA
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
LocalFileTimeToFileTime
GetSystemDirectoryA
ReleaseMutex
CreateMutexA
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleW
SetStdHandle
MoveFileExW
GetTimeZoneInformation
FindFirstFileExW
GetCPInfo
GetOEMCP
IsValidCodePage
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetStdHandle
GetModuleHandleW
GetFileType
GetDriveTypeW
GetCommandLineA
CreateDirectoryW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetEnvironmentVariableA
LoadLibraryExW
ExitThread
GetModuleHandleExW
EncodePointer
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
LocalUnlock
LocalLock
GetVersion
ExitProcess
GetFileInformationByHandle
GetStringTypeW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
EnterCriticalSection
EnumSystemLocalesW
LockFileEx
HeapSize
GetProcAddress
GetLastError
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
HeapValidate
HeapCreate
LeaveCriticalSection
HeapDestroy
GetVersionExW
FormatMessageW
Sleep
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
CloseHandle
GetFileSize
CreateFileA
FindClose
FindFirstFileA
SetFileAttributesA
FileTimeToLocalFileTime
MultiByteToWideChar
FileTimeToSystemTime
GetFileAttributesW
GetFileAttributesA
FindFirstChangeNotificationA
user32
EnumWindows
EnumThreadWindows
TranslateMDISysAccel
IsWindow
LoadAcceleratorsA
BringWindowToTop
FindWindowExA
PostQuitMessage
GetSystemMenu
GetMessagePos
SetClassLongA
GetDlgCtrlID
GetSysColorBrush
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetScrollRange
SetScrollPos
IsWindowEnabled
GetPropA
RemovePropA
SetPropA
EqualRect
DrawFrameControl
CreateIconIndirect
InflateRect
CopyRect
CharNextA
CreateDialogParamA
IsDialogMessageA
GetDlgItemInt
SetDlgItemInt
CheckRadioButton
UnionRect
IsZoomed
SetCursorPos
SetMenu
AdjustWindowRect
FindWindowA
LoadStringW
AppendMenuA
CreateIconFromResourceEx
wsprintfA
CreateIconFromResource
DefFrameProcA
DefDlgProcA
CheckDlgButton
IsDlgButtonChecked
CreateDialogIndirectParamA
SendDlgItemMessageA
MsgWaitForMultipleObjects
EnableWindow
AttachThreadInput
MessageBeep
GetIconInfo
GetCursor
GetWindowThreadProcessId
SetForegroundWindow
GetForegroundWindow
IntersectRect
IsRectEmpty
IsMenu
DrawIconEx
ChildWindowFromPoint
GetWindowTextA
TrackPopupMenuEx
CreatePopupMenu
SystemParametersInfoA
UnregisterHotKey
MapWindowPoints
DrawFocusRect
DestroyCursor
GetScrollPos
DrawEdge
GetSysColor
SetParent
GetScrollInfo
ScrollWindow
SetScrollInfo
EndDialog
GetDlgItemTextA
DialogBoxParamA
CloseClipboard
ShowCursor
RegisterClipboardFormatA
GetClipboardData
EmptyClipboard
GetMenuState
GetDlgItem
SetWindowPos
OpenClipboard
SetClipboardData
LoadBitmapA
SetRect
GetDesktopWindow
GetSystemMetrics
SetDlgItemTextA
TrackPopupMenu
CallWindowProcA
EndPaint
ClientToScreen
DestroyWindow
SetCursor
GetMessageA
GetClassNameA
SetTimer
ScreenToClient
GetWindowRect
IsIconic
GetMenuItemID
IsChild
SetCapture
DrawTextA
GetKeyState
GetSubMenu
LoadStringA
DeleteMenu
GetFocus
IsClipboardFormatAvailable
ReleaseDC
InvalidateRect
GetDC
FillRect
MoveWindow
GetWindow
RegisterClassA
CheckMenuItem
ModifyMenuA
EndDeferWindowPos
DestroyIcon
LoadCursorA
DestroyMenu
UpdateWindow
LoadImageA
SetWindowTextA
IsWindowVisible
BeginDeferWindowPos
GetParent
LoadMenuA
InsertMenuA
RegisterHotKey
LoadIconA
WindowFromPoint
GetClientRect
SetFocus
SendMessageA
BeginPaint
PtInRect
TranslateMessage
GetMenu
CheckMenuRadioItem
SetWindowLongA
MessageBoxA
GetWindowLongA
CreateWindowExA
PeekMessageA
EnableMenuItem
TranslateAcceleratorA
DefWindowProcA
GetCursorPos
GetMenuItemInfoA
GetMenuStringA
EnumChildWindows
ShowWindow
DrawMenuBar
GetClassInfoA
GetMenuItemCount
PostMessageA
ClipCursor
RemoveMenu
DispatchMessageA
DeferWindowPos
DefMDIChildProcA
ReleaseCapture
KillTimer
gdi32
SetTextColor
SetDIBitsToDevice
CloseEnhMetaFile
CreateEnhMetaFileA
GetTextExtentPoint32A
ExtTextOutA
RectVisible
GetTextExtentPointA
Polyline
CreateBrushIndirect
TextOutA
Rectangle
SetBkMode
SetBkColor
SetBrushOrgEx
BitBlt
LineTo
MoveToEx
GetBkColor
CreateDCA
SetROP2
GdiFlush
SetViewportExtEx
SetBoundsRect
SetMapMode
SetWindowExtEx
SetViewportOrgEx
PlayMetaFile
SetWindowOrgEx
PatBlt
CreateRectRgn
SelectClipRgn
EndDoc
StartDocA
SetAbortProc
StartPage
EndPage
RoundRect
FillPath
EndPath
StrokePath
BeginPath
GetBkMode
GetCharABCWidthsFloatA
Ellipse
Polygon
SetWinMetaFileBits
PlayEnhMetaFile
GetEnhMetaFileHeader
GetEnhMetaFileA
DeleteEnhMetaFile
GetViewportExtEx
LPtoDP
GetViewportOrgEx
TranslateCharsetInfo
StretchBlt
CreateFontIndirectA
GetTextMetricsA
GetDeviceCaps
CreateSolidBrush
CreatePalette
SelectObject
RealizePalette
StretchDIBits
SelectPalette
SetStretchBltMode
GetSystemPaletteEntries
GetStockObject
DeleteDC
GetDIBits
CreateCompatibleDC
GetObjectA
CreateDIBSection
CreateBitmap
DeleteObject
CreateCompatibleBitmap
CreatePen
CreateDIBitmap
winspool.drv
DocumentPropertiesA
OpenPrinterA
EnumPrintersA
ClosePrinter
comdlg32
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
PrintDlgA
ChooseFontA
advapi32
RegEnumKeyA
RegSetValueA
RegCreateKeyA
RegOpenKeyA
RegQueryValueA
RegQueryValueExA
RegCloseKey
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ole32
CoGetMalloc
CoTaskMemAlloc
OleInitialize
CoInitialize
CoUninitialize
CoCreateInstance
OleUninitialize
DoDragDrop
RevokeDragDrop
CoTaskMemRealloc
RegisterDragDrop
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString
PropVariantClear
CoTaskMemFree
oleaut32
VariantInit
shlwapi
StrCmpLogicalW
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 588KB - Virtual size: 588KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 282KB - Virtual size: 585KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 179KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ