2024-09-12_1c0a371ebce4097a05bccfb0e9d6c31f_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-12_1c0a371ebce4097a05bccfb0e9d6c31f_bkransomware
Size

6.6MB
MD5

1c0a371ebce4097a05bccfb0e9d6c31f
SHA1

9858ff5763bcdd51062680ee6a6f8dca984ee574
SHA256

67b620ac5a0af1f7d1674e3fe12148885e1265fbd173ed16e8f7854395fa6fe3
SHA512

fe913414c27a0b50c698d3a5ff014d3ab744110189856233a6f4e7b0c58a918bad1ca397ca0325b0f73924435b72b185bbf00d296d6bfa4b0a1b7f44923eaf75
SSDEEP

98304:/33zefEq+D6l072yTqa8IfvBQ6sYj95nMfM+f5QbyTF57Hv0R4IL/pbmH:/nwL+Gl079cWBDsin8qOTF57HMj/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-12_1c0a371ebce4097a05bccfb0e9d6c31f_bkransomware

Files

2024-09-12_1c0a371ebce4097a05bccfb0e9d6c31f_bkransomware
.exe windows:6 windows x86 arch:x86

cc0446dab97047adcc88fd3dab89933e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
WriteFile
GetFileType
GetStdHandle
GetOEMCP
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
HeapFree
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LCMapStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryW
SetStdHandle
GetCurrentProcessId
DeleteCriticalSection
GetLocaleInfoA
GetModuleHandleA
CreateEventW
LoadLibraryA
GetLocalTime
ResetEvent
IsValidCodePage
SetLastError
IsDBCSLeadByteEx
FindFirstFileA
FlushFileBuffers
GetACP
CreateFileW
GetModuleFileNameW
Beep
LeaveCriticalSection
GetSystemTimeAdjustment
Sleep
IsValidLocale
SetCommTimeouts
ClearCommBreak
WaitForSingleObjectEx
SetCommBreak
WaitForSingleObject
GlobalLock
GetEnvironmentStringsW
GetCommState
FreeLibrary
TlsGetValue
GlobalMemoryStatus
ExpandEnvironmentStringsW
GetSystemTime
LocalFree
GetThreadTimes
TlsAlloc
GetStringTypeW
FindNextFileW
FindNextFileA
GlobalFree
GetStartupInfoW
GetSystemDirectoryA
TerminateProcess
GetFileAttributesA
GetLocaleInfoW
GetSystemTimeAsFileTime
GetModuleHandleExW
QueryPerformanceCounter
SetEnvironmentVariableW
GetCurrentProcess
GetCPInfo
UnmapViewOfFile
MapViewOfFile
SetThreadAffinityMask
TlsFree
TlsSetValue
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
CloseHandle
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
EnterCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
UnhandledExceptionFilter
WriteConsoleW

user32

RegisterClassA
ToAsciiEx
EndPaint
SetCursor
HideCaret
MapDialogRect
CreateDialogParamA
GetMessageW
PostQuitMessage
SetKeyboardState
MsgWaitForMultipleObjects
GetParent
LoadIconA
GetWindowInfo
CreateMenu
WaitMessage
GetQueueStatus
CreateDialogIndirectParamA
GetWindowTextA
SetPropA
MessageBoxA
UnionRect
GetDlgItem
EndDialog
DestroyCaret
GetSysColor
ShowWindow
SetMenu
CreateCaret
PostMessageA
RemoveMenu
CreateWindowExW
CheckRadioButton
MessageBoxW
SystemParametersInfoA
ReleaseCapture
SendMessageW
UpdateWindow
EndMenu
LoadCursorA
GetCaretBlinkTime
TranslateMDISysAccel
CopyRect
IsRectEmpty
CheckMenuRadioItem
DestroyWindow
GetWindowRect
IsIconic
SetCapture
GetClientRect
ShowCaret
EnumWindows
GetDC
GetKeyboardState
InvalidateRect
UnregisterClassA
SetScrollPos
PeekMessageA
GetDesktopWindow
DrawMenuBar
ScrollWindowEx
BeginDeferWindowPos
ToUnicode
CheckMenuItem
GetWindowThreadProcessId

gdi32

GetBitmapBits
ExtCreatePen
CreatePolygonRgn
MoveToEx
SetWindowOrgEx
PolyPolygon
LineTo
GetMetaFileBitsEx
Polygon
StretchBlt
CreateFontIndirectA
CopyEnhMetaFileA
ExcludeClipRect
CreateHalftonePalette
GetEnhMetaFileHeader
SetPixel
CreatePalette
GetRegionData
DeleteObject
GetPaletteEntries
SelectClipRgn
PolyPolyline
SetMapMode
CreateBrushIndirect
OffsetRgn
SaveDC
GetObjectType
StretchDIBits
GetTextExtentPointW
GetDIBColorTable
GetObjectW
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePatternBrush
Polyline
SetViewportExtEx
SetROP2
IntersectClipRect
CreateEnhMetaFileW
UpdateColors
RectVisible
BitBlt
TranslateCharsetInfo
Arc
PatBlt
SetTextColor
CreateHatchBrush
GetDeviceCaps
GetDIBits
GetRgnBox
SelectObject
PtInRegion
CreatePenIndirect
Ellipse
ExtCreateRegion
SelectPalette
GetTextExtentExPointA
GetCharABCWidthsW
SetStretchBltMode
GetCharABCWidthsFloatA
CreateDIBitmap
ExtTextOutA
RealizePalette

advapi32

AdjustTokenPrivileges
GetLengthSid
AllocateAndInitializeSid
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyExW
SetSecurityDescriptorOwner
LookupPrivilegeValueW
EqualSid
OpenProcessToken

shell32

ShellExecuteExW

ole32

CoTaskMemFree

Sections

.text
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FHBfG
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc0446dab97047adcc88fd3dab89933e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 613KB - Virtual size: 612KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 7KB

.FHBfG Size: 3KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 613KB - Virtual size: 612KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 7KB

.FHBfG
Size: 3KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB