Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    08/06/2024, 07:09

General

  • Target

    2024-06-08_be2ee644c0d13dc05c1a719db78bb927_bkransomware.exe

  • Size

    637KB

  • MD5

    be2ee644c0d13dc05c1a719db78bb927

  • SHA1

    208d2c66a8541115b01b4e75ca8bd76b9a3d7d27

  • SHA256

    23ab7d46bb36d982290c9b5b836bf214c1619a8663a1b8984113103c89832c56

  • SHA512

    50064b89be93198c777a843baa720d669a3d27c3c21fe88d79e985474db925ce8811eed7cd3d38696186f68540dcad3e126907489f3944b4aea58437eeda87fb

  • SSDEEP

    12288:92Ka2pRmH6ysvWsmYDMtNhkxh3dfhg4OQYZeVHgMkakT/xdV+hoJ/R:9fvlmYDMt0ZuZeVeT/xX+hoJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-08_be2ee644c0d13dc05c1a719db78bb927_bkransomware.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-08_be2ee644c0d13dc05c1a719db78bb927_bkransomware.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2004

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\TMSetup.txt

          Filesize

          3KB

          MD5

          d93cec6b66214bac893d246e0af30fb4

          SHA1

          91bed9f06611b40db89dba4a30e418836789e37d

          SHA256

          f51a5d314775d3e99ca90be2f29df9ccba815371b8a6cec38f4fbf7239b842f4

          SHA512

          bcfcbaa258aca14fd1bb2b5a9feb4585dae3020c3176ed385c93e6cf6855943df736e205fd55009822f0517117077081fd3ae632e97923e7d635b3503dc64015

        • C:\Users\Admin\AppData\Local\Temp\TMSetup.txt

          Filesize

          4KB

          MD5

          8aee935f049755b8bd22c663c78e6882

          SHA1

          c37cb2f9085ac5fadb317a7895f22e6b4c500a8b

          SHA256

          3c8d742397959988ad61b80667290c5c28c0d25e45efb86082422ad143c56372

          SHA512

          0865717ddd6dfeb7d3ffdabff09f92b28d7477817d78277675e1a26c395bf56cf162c15ec53507536e9d509bf7ce450eff9259c36f2e3c231f7474b3982795de

        • C:\Users\Admin\AppData\Local\Temp\TMSetup.txt

          Filesize

          2KB

          MD5

          818ad96f10bcdc2ca3dd1b5ca8c21f70

          SHA1

          c010ee39153952635fbc54af5c60ec85abd94239

          SHA256

          1f02d2bb43dc321b41276a8e63c0c6e767bbcfc6efd941f592db150159414df1

          SHA512

          84b463f49c6c5e501f6f570ae6be8bcf0c2d0b28596ca91ef8f327294d583783ffc950cada6aeb5dc9e93b170a39403c76fa2dacf7aba0dba66a8a7c4654e57b