2024-10-04_086d4db2590edf3afee55d5935a6c663_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-04_086d4db2590edf3afee55d5935a6c663_bkransomware
Size

6.7MB
MD5

086d4db2590edf3afee55d5935a6c663
SHA1

2954c317dbf8a508043c64a80096b30969d875ad
SHA256

b6de0553175fefe36123265ffee8c1145133f26fe07a2fc0958bead845d0a9c7
SHA512

fea64003c6c194f6b0654c946b57f8935cb74995d28c03d002e519cd0e4dd098d99d017d3640474a02ecbc8cb199c18e5d4d0bbc51a4fd8ff2e5767ef9ea806d
SSDEEP

98304:3S57hyE7LV1p7V54H/D6WZgIXbs+dwaF+De+9rYn+FP7SLMvv:C57MqsHmYp3ee+Sn+FDsMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-04_086d4db2590edf3afee55d5935a6c663_bkransomware

Files

2024-10-04_086d4db2590edf3afee55d5935a6c663_bkransomware
.exe windows:6 windows x86 arch:x86

c8fc00f20ec0711b5f5ff28781e7e73d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
InterlockedPushEntrySList
GetModuleHandleExW
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ExitThread
CreateSemaphoreW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryW
SetStdHandle
WriteConsoleW
DeleteFileA
LocalFree
CreateEventW
GetLocalTime
FreeLibrary
SetLastError
MultiByteToWideChar
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ConnectNamedPipe
InitializeSListHead
WaitNamedPipeA
VirtualQuery
MapViewOfFile
GetEnvironmentVariableW
CreateFileMappingA
Beep
CreateThread
EnumSystemLocalesW
TlsFree
GetThreadTimes
CloseHandle
DeleteCriticalSection
GetStringTypeW
GetModuleFileNameA
GetFileType
LoadLibraryA
ResetEvent
GlobalFree
EnterCriticalSection
IsDBCSLeadByteEx
FindFirstFileA
RaiseException
FlushFileBuffers
GetOverlappedResult
GetSystemDirectoryA
TerminateProcess
GetFileAttributesA
Sleep
WaitForSingleObjectEx
SetCommBreak
GlobalLock
GetEnvironmentStringsW
QueryPerformanceCounter
SetDllDirectoryW
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
DuplicateHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
GetStartupInfoW
GetTickCount
CreateFileW

user32

ShowOwnedPopups
ClientToScreen
GetMessageA
SetWindowRgn
GetWindowRect
GetMessageW
PostQuitMessage
SendDlgItemMessageA
SetCapture
LoadStringA
SetParent
ShowCaret
GetDoubleClickTime
GetCapture
SetRect
GetScrollInfo
MessageBoxA
UnionRect
GetDlgItem
ScrollWindow
EndDialog
DestroyCursor
ShowWindow
CreatePopupMenu
DrawMenuBar
CreateCaret
CreateWindowExW
MessageBoxW
ReleaseCapture
GetSystemMetrics
SendMessageW
UpdateWindow
ToUnicode
DrawFrameControl
SetDlgItemTextA
ValidateRect
TranslateMDISysAccel
SetScrollPos
SetCursor
DestroyAcceleratorTable
IsIconic
DrawIconEx
GetWindowInfo
SetFocus
GetWindowTextLengthA
DrawEdge
BeginPaint
EnumWindows
WaitMessage
GetDC
DrawFocusRect
OffsetRect
GetWindowTextA
SetPropA
GetKeyboardLayout
CheckMenuRadioItem
ReleaseDC
DestroyCaret
GetDesktopWindow
SystemParametersInfoA
ScrollWindowEx
SetWindowTextA
ValidateRgn
GetCaretBlinkTime
DestroyIcon
GetWindowThreadProcessId
DialogBoxParamA

gdi32

CreatePolygonRgn
SetWindowOrgEx
EndPage
BitBlt
TranslateCharsetInfo
SetViewportOrgEx
LineTo
SetWindowExtEx
DeleteDC
SetBkColor
GetRgnBox
SelectObject
PtInRegion
CreatePenIndirect
CreateCompatibleDC
CreateBrushIndirect
SaveDC
RealizePalette
StretchDIBits
CreateBitmapIndirect
GetCurrentPositionEx
SetPaletteEntries
GetObjectW
GetNearestPaletteIndex
RoundRect
CloseEnhMetaFile
GetWindowOrgEx
PatBlt
GetTextExtentPoint32A
ExtFloodFill
SetTextColor
MaskBlt
CreateHatchBrush
Polygon
GetDeviceCaps
SetDIBColorTable
ExcludeClipRect
CreateHalftonePalette
SetPixel
CreatePalette
PolyPolyline
Rectangle
Ellipse
GetObjectType
CreateRectRgn
GetCharWidth32A
CreatePatternBrush
RectVisible
IntersectClipRect
EndDoc
GetStockObject
ExtTextOutA
GetMetaFileBitsEx

advapi32

RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
RegQueryValueExW
AllocateAndInitializeSid
RegDeleteValueA
LookupPrivilegeValueW

shell32

ShellExecuteExW

Sections

.text
Size: 706KB - Virtual size: 705KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WkM
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8fc00f20ec0711b5f5ff28781e7e73d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 706KB - Virtual size: 705KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.WkM Size: 2KB - Virtual size: 2KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 706KB - Virtual size: 705KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.WkM
Size: 2KB - Virtual size: 2KB

.reloc
Size: 14KB - Virtual size: 13KB