Sample
2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware.exe
Static task: static1
Behavioral task: behavioral1
Resource: win7-20240903-en
General
Target: 2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware
Size: 20.6MB
MD5: a1b338a63169050613156d09be5eae22
SHA1: 0a809cc73336ee42fdeda5a89bc4e1cf5e60a1ad
SHA256: 8da5da5c220ea0228bad20687c5accdd926df12bc2ed7cc7b3d71eea07bdc455
SHA512: fa27d1ea4ebfcc483143757cdd7077b127cf3c541a58c006f365f200845337e4776e601cd3738ffa667424741d15dce0bf9740804a016890a981a3d8b43c4630
SSDEEP: 393216:jDvjrBGFgxTX996+r32F+rDxSPv4OYcYdkc3lGWOTrjLxdYpi6uY8:jDpb/GFqIPv4Xcbc3cJjL36
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware
Files
2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware.exe windows:6 windows x86 arch:x86
7146eec7e20ca6975ede1a5da37a3803
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\whqdoc\Code\whqDevelop\公司打包程序-五驱动\MakePackage\Release\HsUpHost.pdb
Imports
kernel32
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
WriteConsoleW
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetDriveTypeW
SetEnvironmentVariableA
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetFileType
SetStdHandle
ExitThread
GetModuleHandleExW
RtlUnwind
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineW
GetUserDefaultLCID
VirtualProtect
GetTempPathW
GetTempFileNameW
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
SetErrorMode
GetFileSizeEx
GetFileAttributesExW
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetCurrentDirectoryW
GetThreadLocale
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
GlobalGetAtomNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcpyW
lstrcmpA
GetVersionExW
GetCurrentThread
CopyFileW
FormatMessageW
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
GetCurrentProcessId
MulDiv
GlobalUnlock
GlobalLock
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeResource
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
EncodePointer
OutputDebugStringA
RemoveDirectoryW
GetExitCodeProcess
CreateProcessW
ExitProcess
GetModuleHandleW
LocalFileTimeToFileTime
SetFileAttributesW
DosDateTimeToFileTime
TlsGetValue
TlsSetValue
FindNextFileW
FindClose
FindFirstFileW
FreeLibrary
GetCurrentThreadId
GetTickCount
GetProcAddress
LoadLibraryW
GetFileAttributesW
CreateDirectoryW
TlsAlloc
CreateThread
ResumeThread
ReleaseMutex
WaitForMultipleObjects
SetThreadPriority
CreateMutexW
DecodePointer
LockResource
HeapSize
RaiseException
InitializeCriticalSectionEx
GetModuleFileNameW
SizeofResource
WideCharToMultiByte
GetProcessHeap
HeapFree
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
HeapReAlloc
Sleep
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetFileTime
CreateFileMappingW
MoveFileW
SetLastError
GetLastError
FlushFileBuffers
CreateFileW
ReadFile
WriteFile
SetFileTime
FlushViewOfFile
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetFileSize
CloseHandle
CreateEventW
SetEvent
WaitForSingleObject
MultiByteToWideChar
OutputDebugStringW
DeleteFileW
user32
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
KillTimer
SetTimer
DeleteMenu
SetCapture
WaitMessage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
CopyImage
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
SendDlgItemMessageA
DrawStateW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
IntersectRect
InflateRect
RemoveMenu
InsertMenuW
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
FillRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetDoubleClickTime
ScreenToClient
IsRectEmpty
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetSubMenu
LoadMenuW
IsClipboardFormatAvailable
GetKeyNameTextW
InvertRect
EnableWindow
GetSysColor
GetWindowLongW
HideCaret
GetIconInfo
DrawIcon
GetSystemMetrics
IsIconic
AppendMenuW
GetSystemMenu
LoadIconW
MessageBoxW
UnregisterClassW
GetWindowRect
GetClientRect
PostMessageW
GetNextDlgGroupItem
GetParent
ReleaseCapture
InvalidateRect
ClientToScreen
GetDC
SetWindowRgn
LoadBitmapW
DrawFocusRect
OffsetRect
DrawEdge
SendMessageW
MessageBeep
TrackMouseEvent
IsZoomed
GetWindowRgn
SubtractRect
CreateMenu
GetUpdateRect
WindowFromPoint
GetCursorPos
GetCapture
GetComboBoxInfo
MapVirtualKeyExW
IsCharLowerW
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
AdjustWindowRectEx
DestroyCursor
PostThreadMessageW
FrameRect
CopyIcon
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
CharUpperW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
ModifyMenuW
LockWindowUpdate
CharUpperBuffW
SetParent
SetClassLongW
DrawFrameControl
DrawIconEx
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
LoadImageW
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
EnumDisplayMonitors
SetLayeredWindowAttributes
DestroyIcon
MonitorFromPoint
UnionRect
EnableScrollBar
UpdateLayeredWindow
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
SetRectEmpty
MapWindowPoints
GetAsyncKeyState
MapVirtualKeyW
gdi32
GetObjectType
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
GetDeviceCaps
GetTextExtentPoint32W
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsW
CreateRoundRectRgn
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
SetDIBColorTable
OffsetRgn
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
ExtFloodFill
SetPaletteEntries
RoundRect
EnumFontFamiliesExW
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
SetTextColor
SetBkColor
CreateSolidBrush
CombineRgn
CreateRectRgn
GetPixel
SelectClipRgn
DeleteDC
StretchBlt
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetObjectW
DPtoLP
DeleteObject
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegCreateKeyExW
SetSecurityDescriptorDacl
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetLengthSid
FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
shell32
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHGetSpecialFolderPathW
DragFinish
DragQueryFileW
SHGetFileInfoW
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
SHDeleteKeyW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
GetThemePartSize
GetWindowTheme
IsAppThemed
DrawThemeText
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
DrawThemeParentBackground
OpenThemeData
ole32
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
OleFlushClipboard
OleIsCurrentClipboard
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
CreateStreamOnHGlobal
CoCreateGuid
DoDragDrop
oleaut32
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocString
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
SysFreeString
VariantClear
SysAllocStringLen
VariantInit
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
winmm
timeKillEvent
PlaySoundW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 376KB - Virtual size: 375KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18.5MB - Virtual size: 18.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 128KB - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ