Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-08_8ad452310db16c8efeb4960445aacc9f_bkransomware_karagany.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-05-08_8ad452310db16c8efeb4960445aacc9f_bkransomware_karagany.exe
Resource: win10v2004-20240419-en
General
Target: 2024-05-08_8ad452310db16c8efeb4960445aacc9f_bkransomware_karagany
Size: 433KB
MD5: 8ad452310db16c8efeb4960445aacc9f
SHA1: fa3abbe570c184e3f6792a83e3442a48f94556e9
SHA256: 92cd877568dd0bfde2b9ee18f659640cafa7f542498a8961f3b735036f2ee633
SHA512: d268eca919b0a7c8ac90124e27e3a298fcfad2111878ca433e97c3775f6e5983576e2ed45b8dd14ace7c46ba8d73767834f4a1016cf79d77ddb53a4c5aaa98a1
SSDEEP: 12288:arzVq6iboZQIE9adAi8L/z88eWXLO5pJtM3FiRuW0zWdgnHgfq:yq6iboZQIE9adAi8L/z88eWXLO5pJtMV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-05-08_8ad452310db16c8efeb4960445aacc9f_bkransomware_karagany
Files
2024-05-08_8ad452310db16c8efeb4960445aacc9f_bkransomware_karagany.exe windows:5 windows x86 arch:x86
77a6863cda7a0c717b90a8c22916a64a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
FindClose
CloseHandle
GetLocalTime
FormatMessageW
MapViewOfFile
UnmapViewOfFile
CreateEventW
OpenEventW
CreateFileMappingW
OpenFileMappingW
LoadLibraryW
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
RemoveDirectoryW
CreateFileW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
CopyFileW
WideCharToMultiByte
LocalFree
Sleep
OutputDebugStringW
LoadLibraryExW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
GetProcessHeap
LCMapStringW
DeleteCriticalSection
RtlUnwind
LeaveCriticalSection
WaitForSingleObject
SetEvent
SetLastError
GetLastError
SetFilePointerEx
CreateThread
GetProcAddress
FreeLibrary
WriteConsoleW
EnterCriticalSection
DecodePointer
HeapSize
EncodePointer
GetStringTypeW
GetCurrentThreadId
GetCPInfo
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
IsProcessorFeaturePresent
MultiByteToWideChar
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
user32
KillTimer
wsprintfW
GetMessageW
GetParent
GetWindowPlacement
LoadIconW
LoadCursorW
GetDesktopWindow
SetWindowLongW
GetWindowLongW
FillRect
TranslateMessage
GetClientRect
InvalidateRect
EndPaint
BeginPaint
SetForegroundWindow
UpdateWindow
MessageBoxW
SetTimer
SetDlgItemTextW
GetDlgItem
CreateDialogParamW
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
CallWindowProcW
PostQuitMessage
DefWindowProcW
PostMessageW
SendMessageW
DispatchMessageW
gdi32
SetBkMode
SetBkColor
DeleteObject
CreateSolidBrush
SetTextColor
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
ShellExecuteW
SHGetSpecialFolderLocation
Shell_NotifyIconW
SHFileOperationW
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
oleaut32
VariantInit
shlwapi
ord172
ord176
PathIsDirectoryW
Sections
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 61KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 281KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ