Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
Ransomware.BadRabbit.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
Ransomware.BadRabbit.exe
Resource
win10v2004-20231215-en
Target
Ransomware.BadRabbit.zip
Size
394KB
MD5
e180bc4df144544dd905fcf6f9978960
SHA1
46a24f3fd8890ce52b2eba23f2166a84c2b3a7dd
SHA256
8e4e9f9ee9f568e2e5307b8a878ffce824478c5c9f1b023b3b92a87060a2d6b5
SHA512
4aedf32a400485acbc029545506cccaf1d132e4a896148092e2f5e19da2331e53bea0ca0e56142381243cc7511c7ddd6b5d78609b538db3734e21c44feb534eb
SSDEEP
6144:DSIyTrSHTDTEb/KCo2gd1Fu/S3I7WjiXdU7Hx61GfQ/FgEQPTRLPucKPMq:VHTFVd1FujW9Lx6l/3ElKpD
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
ExitProcess
GetCommandLineW
GetFileSize
CreateProcessW
HeapAlloc
HeapFree
GetModuleHandleW
GetProcessHeap
WriteFile
GetSystemDirectoryW
ReadFile
GetModuleFileNameW
CreateFileW
lstrcatW
CloseHandle
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
wsprintfW
CommandLineToArgvW
wcsstr
memcpy
free
malloc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ