1fcad26d2165a0c8d289af8ee3246ee0253d583aa3e5e877e9ee16c9ff732312 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

2024-04-30...mi.exe

windows7-x64

9

2024-04-30...mi.exe

windows10-2004-x64

9

Sharing

General

Target

2024-04-30_f6091790caec3b3225997d6be07aa16d_bkransomware_karagany_wapomi
Size

100KB
Sample

240430-eezsysbe95
MD5

f6091790caec3b3225997d6be07aa16d
SHA1

97726a02c7051ab68ff44e97dd061988e706a5e9
SHA256

1fcad26d2165a0c8d289af8ee3246ee0253d583aa3e5e877e9ee16c9ff732312
SHA512

4bbae8bcd64b03d26ecc4762e689daa2bd09530fab86008b31a2607f939e95b23d0c9c32f0cc551cab5d4381d14f763dadb8a40790ad7ae94dc5443b85ed529a
SSDEEP

1536:62RJ8zIfEMBreBSoeKcTZV5MuzcekgksWjcdKa9PGCq2iW7z/:62RcQSlNACW3LKKGCHr

Score

9^/10

aspackv2

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-30_f6091790caec3b3225997d6be07aa16d_bkransomware_karagany_wapomi.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-30_f6091790caec3b3225997d6be07aa16d_bkransomware_karagany_wapomi.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-30_f6091790caec3b3225997d6be07aa16d_bkransomware_karagany_wapomi
- Size
  
  100KB
- MD5
  
  f6091790caec3b3225997d6be07aa16d
- SHA1
  
  97726a02c7051ab68ff44e97dd061988e706a5e9
- SHA256
  
  1fcad26d2165a0c8d289af8ee3246ee0253d583aa3e5e877e9ee16c9ff732312
- SHA512
  
  4bbae8bcd64b03d26ecc4762e689daa2bd09530fab86008b31a2607f939e95b23d0c9c32f0cc551cab5d4381d14f763dadb8a40790ad7ae94dc5443b85ed529a
- SSDEEP
  
  1536:62RJ8zIfEMBreBSoeKcTZV5MuzcekgksWjcdKa9PGCq2iW7z/:62RcQSlNACW3LKKGCHr
Score

9^/10

aspackv2
- Detects executables packed with ASPack
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy