2024-10-17_ab149cbcafc5d87eb430007c7c1c3764_bkransomware

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-17_ab149cbcafc5d87eb430007c7c1c3764_bkransomware
Size

6.5MB
MD5

ab149cbcafc5d87eb430007c7c1c3764
SHA1

03d27e6aed15f4a9a53dfcad176087f004ec0df6
SHA256

d72008ef1791f33b50e3608b7eff5342893aaf35d25e80f7ac95010a331d47b9
SHA512

0f632c6a5b77f9bd4371814dfe8223aff55c2728595ba9fc4946dcd44d2f06bc10187e4e363574fe994dcf43a76f0c4f5bc59fddf5f109fbfacbf4960cf92b8d
SSDEEP

98304:aaDswHgFfxNCiDkgQQIENU1wHXYkkvBjpcUDxI9zOZCKJVTSnAGy4kDQ5S1n3M:aaDsqgr8M3+E0wIkmxPhsnAGy4Z5J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-10-17_ab149cbcafc5d87eb430007c7c1c3764_bkransomware

Files

2024-10-17_ab149cbcafc5d87eb430007c7c1c3764_bkransomware
.exe windows:6 windows x86 arch:x86

b221f1870cc59353e5629e45f7164b2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameW
GetStdHandle
GetOEMCP
IsDebuggerPresent
GetProcessHeap
HeapAlloc
HeapSize
GetModuleHandleExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
VirtualFree
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
SetEvent
CreateTimerQueue
LoadLibraryExW
ExitThread
CreateThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
TlsGetValue
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
RaiseException
HeapReAlloc
GetLastError
DecodePointer
EncodePointer
VirtualProtect
ReleaseSemaphore
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LCMapStringW
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryW
SetStdHandle
DeleteFileA
TlsFree
GetSystemTime
GetThreadTimes
CreateEventW
CreateFileMappingA
IsDBCSLeadByteEx
FindFirstFileA
MultiByteToWideChar
CompareStringW
GetOverlappedResult
GetTimeZoneInformation
GetSystemDirectoryA
TerminateProcess
MulDiv
Beep
IsProcessorFeaturePresent
GetSystemTimeAdjustment
CreateEventA
Sleep
GetLocaleInfoW
WideCharToMultiByte
OpenProcess
TlsSetValue
GetProcessTimes
SetCommTimeouts
GetCommandLineA
ClearCommBreak
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetTickCount
WaitForSingleObjectEx
ConnectNamedPipe
SetCommBreak
WaitForSingleObject
GetEnvironmentStringsW
SetEnvironmentVariableW
GetCommState
SetEndOfFile
GetCPInfo
MapViewOfFile
GlobalMemoryStatus
CreateFileA
GetEnvironmentVariableW
GetCommandLineW
ExitProcess
LocalFree
FindNextFileA
GetModuleFileNameA
CreatePipe
GetFileType
GlobalFree
IsValidCodePage
GetStartupInfoW
GetACP
CreateFileW
InitializeCriticalSectionAndSpinCount
GetCurrentThread
GlobalLock
SetHandleInformation
HeapFree
QueryPerformanceCounter
FreeLibrary
CreateTimerQueueTimer
DeleteCriticalSection
LeaveCriticalSection
CloseHandle
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
GetExitCodeThread
EnterCriticalSection
WriteConsoleW

user32

RegisterClassA
ToAsciiEx
ClientToScreen
SetCursor
HideCaret
GetWindowRect
GetMessageW
TrackPopupMenu
IsIconic
DrawIconEx
DeleteMenu
LoadIconA
GetWindowInfo
MessageBeep
GetWindowTextLengthA
BeginPaint
GetDoubleClickTime
CreateIconIndirect
WaitMessage
GetCapture
InflateRect
CreateDialogIndirectParamA
GetWindowPlacement
GetWindowTextA
SetPropA
CheckMenuRadioItem
SetWindowLongA
MessageBoxA
UnionRect
SystemParametersInfoW
SetClassLongA
DrawStateW
GetDlgItem
EndDialog
SetWindowsHookExA
DestroyCaret
ShowWindow
CreatePopupMenu
RemoveMenu
CreateWindowExW
CheckRadioButton
MessageBoxW
SystemParametersInfoA
ScrollWindowEx
GetSystemMetrics
InsertMenuA
ValidateRgn
SendMessageW
UpdateWindow
DestroyMenu
ToUnicode
DrawFrameControl
SetDlgItemTextA
SetScrollInfo
CopyRect
RemovePropA
CreateCaret
ShowOwnedPopups
CreateMenu
ShowCaret
SetScrollRange
GetDC
PeekMessageA
ScrollWindow
GetDesktopWindow
GetSysColor
CheckDlgButton
IsDlgButtonChecked
DrawMenuBar
EnableScrollBar
RegisterClassW
SetWindowTextA
EndMenu
GetCaretBlinkTime
CheckMenuItem
TranslateMDISysAccel

gdi32

ExtCreatePen
CreatePolygonRgn
MoveToEx
SetWindowOrgEx
SetLayout
TranslateCharsetInfo
GetWindowOrgEx
Arc
GetMetaFileBitsEx
GetCharacterPlacementW
CreateHatchBrush
DeleteDC
Polygon
GetDeviceCaps
StretchBlt
GetDIBits
SetBkColor
SetDIBColorTable
CopyEnhMetaFileA
ExcludeClipRect
GdiFlush
CreateHalftonePalette
GetRgnBox
GetEnhMetaFileHeader
CreateBitmap
GetRegionData
DeleteObject
SelectObject
SelectClipRgn
PtInRegion
CreatePenIndirect
PlayEnhMetaFile
CombineRgn
SetMapMode
OffsetRgn
ExtCreateRegion
RealizePalette
StretchDIBits
GetBkColor
SelectPalette
GetDIBColorTable
GetNearestPaletteIndex
CreateRectRgn
GetCharWidth32A
GetTextExtentPointA
GetCharABCWidthsFloatA
GetSystemPaletteEntries
CreatePen
RectVisible
SetTextAlign
CreateDIBitmap
GetStockObject
RestoreDC
UpdateColors
CreateSolidBrush
EndPage
GetTextExtentPoint32A
LineTo
SetTextColor
MaskBlt
CreateFontIndirectA
SetPixel
CreatePalette
GetPaletteEntries
CreateRectRgnIndirect
GetObjectType
GetTextExtentPointW
CreateBitmapIndirect
SetStretchBltMode
SetViewportExtEx
IntersectClipRect
GetPixel
SetWinMetaFileBits
ExtTextOutA
SetViewportOrgEx

advapi32

GetLengthSid
SetSecurityDescriptorDacl
RegDeleteKeyA
RegQueryValueExW
EqualSid
OpenProcessToken
RegCloseKey
GetUserNameA
AllocateAndInitializeSid
RegDeleteValueA
RegOpenKeyExA
CopySid

ole32

CoTaskMemFree

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fUvFj
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b221f1870cc59353e5629e45f7164b2a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 528KB - Virtual size: 527KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 8KB - Virtual size: 7KB

.fUvFj Size: 4KB - Virtual size: 3KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 528KB - Virtual size: 527KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 8KB - Virtual size: 7KB

.fUvFj
Size: 4KB - Virtual size: 3KB

.reloc
Size: 13KB - Virtual size: 13KB