2024-10-15_15066416d5c6bba57ccc68785da2d188_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-15_15066416d5c6bba57ccc68785da2d188_bkransomware
Size

2.8MB
MD5

15066416d5c6bba57ccc68785da2d188
SHA1

970332d3986677f90cb9016614a674dff90db9d3
SHA256

1bafbc6026f277152de543599a8c06ca1df8925f63c26eb468e3d4265c4c3ee9
SHA512

05d0310b33e958a8ef29330b44f3d3116615360c40fe0c49492021a3c542d3730096db94d21da4ebce23cae0eb7a3ad7ac502c99dab464e9862167ff0d6b184d
SSDEEP

49152:OKISKH+KE40JmZdkaFx7Qb8vku2N0VI/F+1T/zsJUbPzpIX53H10qd6Ck2F:Of9H+/40JKdkS7Qb8cQVI/81T/zsCIXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-15_15066416d5c6bba57ccc68785da2d188_bkransomware

Files

2024-10-15_15066416d5c6bba57ccc68785da2d188_bkransomware
.exe windows:5 windows x86 arch:x86

7e5bd310b1b0f8dd4a6e644db5e02695

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\我的工作\CABAL工具\Jingtian3 - 更换加密 - 新地址2 - 测试双精度时间 - 副本 (3)\Bin\CabalLaunch.pdb

Imports

kernel32

GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentProcessId
GlobalFlags
GlobalAddAtomA
FindClose
FindFirstFileA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
LeaveCriticalSection
WriteFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
WaitForSingleObject
SetThreadPriority
EncodePointer
GetSystemDirectoryW
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalFindAtomA
GetVersionExA
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
CompareStringW
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
GetACP
lstrcpyA
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
SearchPathA
FindResourceExW
TlsFree
GetSystemInfo
VirtualQuery
IsDebuggerPresent
IsProcessorFeaturePresent
HeapQueryInformation
ExitThread
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetStartupInfoW
IsValidCodePage
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
OutputDebugStringW
LCMapStringW
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
EnterCriticalSection
InitializeCriticalSection
CompareStringA
FileTimeToSystemTime
GlobalGetAtomNameA
lstrcmpA
LoadLibraryW
GetModuleHandleW
GetModuleFileNameW
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
SetLastError
GetLastError
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
TlsSetValue
TlsGetValue
RtlUnwind
TlsAlloc
InitializeCriticalSectionAndSpinCount
FindResourceA
GetPrivateProfileStringA
GetModuleFileNameA
GetCommandLineA
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualProtect
MultiByteToWideChar
WideCharToMultiByte
UnmapViewOfFile
OpenFileMappingA
ResumeThread
CreateProcessA
MapViewOfFile
CreateFileMappingA
CreateRemoteThread
VirtualFreeEx
Sleep
CreateThread
VirtualProtectEx
GetCurrentProcess
GetModuleHandleA
VirtualFree
ReadFile
CloseHandle
VirtualAlloc
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringA
WriteProcessMemory
ReadProcessMemory
VirtualAllocEx
OpenThread
UnlockFile
GetCurrentThreadId

user32

LoadCursorW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
MapVirtualKeyA
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
LoadImageW
DrawEdge
DrawFrameControl
SetWindowRgn
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
GetKeyNameTextA
TrackMouseEvent
LoadMenuW
GetComboBoxInfo
IsZoomed
GetSystemMenu
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongA
GetDoubleClickTime
CopyIcon
SetMenuDefaultItem
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
DrawIcon
DeleteMenu
SetCursor
ShowOwnedPopups
CopyImage
SystemParametersInfoA
DestroyMenu
IntersectRect
InflateRect
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsIconic
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
InvertRect
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
PostMessageA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
FillRect
ScreenToClient
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CharUpperA
DestroyIcon
RealChildWindowFromPoint
GetClassNameA
GetDesktopWindow
PtInRect
ClientToScreen
GetWindowRect
IsDialogMessageA
SetWindowLongA
SetWindowTextA
GetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
IsWindow
GetWindow
GetScrollPos
SetScrollPos
SetFocus
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
IsWindowEnabled
EnableWindow
SendMessageA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextLengthA
GetWindowTextA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
MessageBoxA
LoadIconA
LoadCursorA
CreateWindowExA
ShowWindow
UpdateWindow
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
EndDialog
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
LoadImageA
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
CreateDialogIndirectParamA
InvalidateRect
KillTimer
ScrollWindow
SetTimer
GetMenuItemInfoA

msimg32

TransparentBlt
AlphaBlend

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
StrFormatKBSizeA

uxtheme

DrawThemeParentBackground
OpenThemeData
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
DrawThemeText

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipDrawImageI
GdiplusShutdown
GdipAlloc

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDCA
GetDeviceCaps
DeleteObject
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
CreatePen
ExtTextOutA
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
TextOutA
MoveToEx
GetObjectA
CreatePatternBrush
CopyMetaFileA
GetTextFaceA
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHAppBarMessage

ole32

RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoDisconnectObject
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SysAllocStringByteLen
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
VariantInit
SysAllocString
SysFreeString

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e5bd310b1b0f8dd4a6e644db5e02695

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msimg32

shlwapi

uxtheme

oleacc

gdiplus

imm32

winmm

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 293KB - Virtual size: 292KB

.data Size: 22KB - Virtual size: 53KB

.vmp0 Size: 25KB - Virtual size: 24KB

.reloc Size: 113KB - Virtual size: 112KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 293KB - Virtual size: 292KB

.data
Size: 22KB - Virtual size: 53KB

.vmp0
Size: 25KB - Virtual size: 24KB

.reloc
Size: 113KB - Virtual size: 112KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB