2024-10-03_35cfdad85e12eae94845999d4184db8c_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-03_35cfdad85e12eae94845999d4184db8c_bkransomware
Size

6.6MB
MD5

35cfdad85e12eae94845999d4184db8c
SHA1

7c75fa55688f2d7ca2aaca7574f330005db177cd
SHA256

83f6325a6c8d4366079f391c72ff3396e8172ce8a1db85a1c1e274832c84f06b
SHA512

9aca5b0be9d93e4d4f014cae52839e6d83e6ad1912fa01f3d5c990b76b26b0b9c1e091ceb183b1fd4f7f84747d734ee19572e26cdc23b48d1643368e95aeef9d
SSDEEP

196608:C/p2grs48c7f3/VMNMHM2Bf71OH0zcFwBWiG6:Ch2G97Hh/phXBM6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-03_35cfdad85e12eae94845999d4184db8c_bkransomware

Files

2024-10-03_35cfdad85e12eae94845999d4184db8c_bkransomware
.exe windows:6 windows x86 arch:x86

ae7ec63c0b744f8e57bdee89af170ec6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
TlsAlloc
GetWindowsDirectoryW
SuspendThread
CreateThread
RtlCaptureContext
GetPrivateProfileStringW
GetFullPathNameW
ExitProcess
GetCommandLineW
EncodePointer
GetEnvironmentVariableW
EnumResourceNamesW
CreateFileA
TlsGetValue
GetLocaleInfoA
FreeLibrary
LoadResource
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
EnumCalendarInfoW
GetCommState
SetEnvironmentVariableW
QueryPerformanceCounter
SetHandleInformation
SignalObjectAndWait
GetLogicalDrives
ConnectNamedPipe
WaitForSingleObjectEx
GetCurrentThread
WideCharToMultiByte
IsValidLocale
InitializeCriticalSectionAndSpinCount
Sleep
GetSystemTimeAdjustment
HeapDestroy
TerminateProcess
GetOverlappedResult
ExitThread
GetStartupInfoW
WritePrivateProfileStringW
FlushFileBuffers
SetThreadLocale
FindFirstFileA
GetCPInfoExW
VirtualAlloc
CreateNamedPipeA
ResetEvent
LoadLibraryA
RemoveDirectoryW
GetSystemInfo
FindNextFileA
GetModuleHandleA
FindNextFileW
DeleteCriticalSection
WinExec
DeleteFileW
OpenFileMappingA
GetSystemTime
EnumResourceTypesW
DeleteFileA
SwitchToThread
WriteConsoleW
SetStdHandle
LoadLibraryW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
CreateFileW
MultiByteToWideChar
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SetEvent
CreateFileMappingA
GetLocalTime
FindClose
GlobalFree
SetLastError
IsDBCSLeadByteEx
GetPrivateProfileIntW
RaiseException
GetTempPathW
GetModuleFileNameW
FileTimeToSystemTime
Beep
lstrcpynW
GetExitCodeProcess
LeaveCriticalSection
GetFileAttributesA
GetVersionExW
FormatMessageW
CreateEventA
ReadProcessMemory
SizeofResource
GetLocaleInfoW
OpenProcess
GetCommandLineA
GetWindowsDirectoryA
GetUserDefaultLangID
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
WaitForSingleObject
GetUserDefaultLCID
GlobalLock
GetModuleHandleExW
HeapFree
InitializeSListHead
CompareFileTime
GetCPInfo
GetDriveTypeW
TlsFree
MapViewOfFile
CreateTimerQueue
LoadLibraryExW
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
TlsSetValue
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
CloseHandle
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
GetExitCodeThread
EnterCriticalSection
DecodePointer
GetLastError
HeapReAlloc
RtlUnwind

user32

GetDlgItemInt
GetMessageW
RegisterWindowMessageW
IsIconic
GetKeyState
GetSubMenu
DrawIconEx
AttachThreadInput
DrawTextExW
InflateRect
GetMenu
MessageBoxA
LoadMenuW
GetWindowTextW
GetClassNameW
MonitorFromWindow
SetWindowLongW
DestroyCursor
SendDlgItemMessageW
ShowWindow
CreateWindowExW
InsertMenuW
MessageBoxW
GetDlgItemTextW
MapWindowPoints
UpdateWindow
EndMenu
DestroyMenu
SetWindowTextW
DestroyIcon
SetMenuItemInfoW
GetMonitorInfoW
GetWindowThreadProcessId
GetWindow
IsRectEmpty
EndPaint
DestroyAcceleratorTable
CharUpperBuffW
CharNextW
LoadStringA
GetWindowInfo
ModifyMenuW
EnumWindows
GetDC
DrawFocusRect
CreateDialogIndirectParamA
SetDlgItemInt
GetDesktopWindow
GetSysColorBrush
GetKeyboardType
SetDlgItemTextW
SendMessageW
DrawFrameControl
CopyRect
SystemParametersInfoW

gdi32

PolyPolygon
GetTextExtentPoint32W
CreateHatchBrush
Polygon
StretchBlt
GetRegionData
ExtCreateRegion
StretchDIBits
GetCharABCWidthsW
SetStretchBltMode
GetNearestPaletteIndex
CreatePatternBrush
SetViewportExtEx
SetROP2
CreateEnhMetaFileW
SetViewportOrgEx
ExtFloodFill
SetTextColor
CreateFontIndirectW
GetRgnBox
PlayEnhMetaFile
CombineRgn
GetTextExtentPointW
GetObjectW
CreatePolygonRgn

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExA
LookupPrivilegeValueW
RegDeleteKeyA
OpenServiceW
OpenProcessToken
QueryServiceStatus
RegUnLoadKeyW
RegOpenKeyExW
SetSecurityDescriptorDacl
OpenSCManagerW
ChangeServiceConfigW

shell32

SHGetFileInfoW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW

oleaut32

SysAllocStringLen
SafeArrayGetLBound
SafeArrayPtrOfIndex
VariantChangeType
SysReAllocStringLen

Sections

.text
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KXQ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae7ec63c0b744f8e57bdee89af170ec6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 672KB - Virtual size: 672KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 7KB

.KXQ Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 672KB - Virtual size: 672KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 7KB

.KXQ
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB