General
Target: 2024-04-28_4f066e06832b52809535893aaab40c27_bkransomware
Size: 3.6MB
Sample: 240428-m5p1faeb65
MD5: 4f066e06832b52809535893aaab40c27
SHA1: 0340dbf44ff675804fb5fe3e3a8f1dbe98fb0832
SHA256: 14b3839126a0bf08e5db258d89f4e90dab0c3d6358d2780d5a481345053ee32b
SHA512: 1b5f54c5f3b59a2409e729a1f1d9e8329d960ae106f0561c235e3bbf842f27ac17784d8450582845c143b004c19bb3fd45a0b65e4b7b924d2cfac1a8207b138d
SSDEEP: 98304:Dx3ARTD3rh5A5pipdNQ7cEgS2/u5odw1/jOrujo:+FVi5UpdcV2uCdwFarujo
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-04-28_4f066e06832b52809535893aaab40c27_bkransomware.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: 2024-04-28_4f066e06832b52809535893aaab40c27_bkransomware.exe
  Resource: win10v2004-20240419-en
Malware Config
Targets
Target: 2024-04-28_4f066e06832b52809535893aaab40c27_bkransomware
Score: 7/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application