2024-10-12_68a6a6326e03ca9ff92982a92e6a90be_bkransomware

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-12_68a6a6326e03ca9ff92982a92e6a90be_bkransomware
Size

461KB
MD5

68a6a6326e03ca9ff92982a92e6a90be
SHA1

2d8bbb9a623abf710c9fd2491f6095efa3e64833
SHA256

e6ef6d892641baa67be0f687ba42eebfdb61ff05b5b5d13142d2937bcf9cb186
SHA512

96dc781794c020fd43a242d889372df135c4b799c75d49a4dc12be4b83999db214f3659c1403963642b2d940f2356599f00721690e880264aacf1ba1a2ab77fb
SSDEEP

6144:S1VnJsnpYf++1rfn9jkj3ZuUVB6ErnF5NzR9QPJQW2vnbIrHnWn4nRmnOjgnI2J4:S1LByrZuG6Mt9QSWRHJGf927S2U4f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-12_68a6a6326e03ca9ff92982a92e6a90be_bkransomware

Files

2024-10-12_68a6a6326e03ca9ff92982a92e6a90be_bkransomware
.exe windows:5 windows x86 arch:x86

0b2bcda5a5e7a071e24316d55353cf6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextCharset
GetRandomRgn
GetTextAlign
SetPixel
GetTextCharsetInfo
GetBkColor
GetTextColor
GetFontUnicodeRanges
GetPixelFormat
GetStretchBltMode
GetSystemPaletteUse

user32

GetCursor
GetKeyboardType
GetDlgItem
GetDlgItemInt
GetForegroundWindow
GetScrollPos
GetPropA
SetDlgItemTextA
ShowWindow
LoadIconA
MoveWindow
GetQueueStatus
SendMessageA
WindowFromDC
EndPaint
BeginPaint
GetMenuContextHelpId
GetWindowDC
GetWindowContextHelpId
IsWindowUnicode
RemovePropA
GetMenuItemCount
CallWindowProcA
SetWindowTextA

kernel32

GetFullPathNameA
ReadConsoleW
ReadFile
SetEndOfFile
GetTimeZoneInformation
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapSize
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetProcAddress
GetFileType
GlobalFlags
GlobalSize
LocalFlags
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
SetFilePointer
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
GetDriveTypeA
GlobalHandle
GetCurrentProcess
DeleteFileA
GetLastError
FindClose
MoveFileA
FindResourceA
LockResource
GetModuleHandleA
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
SetLastError
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleCP
GetConsoleMode
CloseHandle
DeleteCriticalSection
FatalAppExitA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateSemaphoreW
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
SetFilePointerEx
SetEnvironmentVariableA

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b2bcda5a5e7a071e24316d55353cf6d

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 33KB - Virtual size: 157KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 33KB - Virtual size: 157KB