General
-
Target
2024-05-23_78974cff0bb93e59f13be0e144721cd5_bkransomware
-
Size
15.7MB
-
Sample
240523-javqnahd85
-
MD5
78974cff0bb93e59f13be0e144721cd5
-
SHA1
16bb5867be143503a743813ac1f1d4bacaa07b7e
-
SHA256
13538ed711a737fa7969c6a8babef2c424eca2e3514af4a99c2a3ca6b49ae9fe
-
SHA512
1b3c04142e9b2fbdf142bff8da80931b310a61072a269247712d36ec8d48db523170c9684c570a2161c26fb63ed4df0d25b0fa0a073212fc27df857a2792a504
-
SSDEEP
393216:guTr6T7nbNhsLcQAkpK+QupT4+7ZN03Jx3/:guTrWrbNCLcQAAKPaf05N
Static task
static1
Behavioral task
behavioral1
Sample
2024-05-23_78974cff0bb93e59f13be0e144721cd5_bkransomware.exe
Resource
win7-20240215-en
Malware Config
Targets
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-