Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-12_f6680aaa924df0c0b58dd6533b2ced87_bkransomware_karagany.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2024-06-12_f6680aaa924df0c0b58dd6533b2ced87_bkransomware_karagany.exe
Resource
win10v2004-20240508-en
Target
2024-06-12_f6680aaa924df0c0b58dd6533b2ced87_bkransomware_karagany
Size
1.8MB
MD5
f6680aaa924df0c0b58dd6533b2ced87
SHA1
d5aaffa2e9d92cfb99b42e8de23d83837452365c
SHA256
11969f6223faf66e4ea0d42751d650ac09307b28f7718d794b892f087ae1efe7
SHA512
e33cb12419ecf5dc7d5149c28f8ee28e110c3aca98c79b0bfb90d01a762684963ec46007f02f7d6e7c5b385fe8d141b090009509cca5f0e05b0d0f0fa51f0ae5
SSDEEP
24576:i6AGAwDs8N8xsjIQJO2QPNLY9z3Jz8NTjxSKzdHOEJRbbDTtnn2Ehm+HpF0X:iGsziMmONP1Y9z3x8NVz/zTxn2ErHL0X
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
D:\build.tc\wildspitze\work\fb60121f10014524\3am\products\rescue\Rescue780_Applet\rescue\Applet\native\bin\x86\LMIRescue.pdb
Sleep
lstrcatA
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
GetLastError
GetProcAddress
RemoveDirectoryA
FindClose
LoadLibraryA
FindNextFileA
GetModuleHandleA
GetTempPathA
DeleteFileA
lstrcpyA
CreateFileA
FindResourceA
SetFilePointer
FreeResource
GetWindowsDirectoryA
FormatMessageA
WriteFile
SizeofResource
GetFileAttributesA
CreateProcessA
SetLastError
CopyFileA
LockResource
GetModuleFileNameA
CloseHandle
GetCurrentDirectoryA
HeapAlloc
HeapFree
GetProcessHeap
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetCurrentProcess
FreeLibrary
lstrcpynA
lstrlenA
LoadResource
lstrcmpA
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
HeapSize
HeapReAlloc
LCMapStringW
RtlUnwind
GetStringTypeW
FlushFileBuffers
GetConsoleCP
CreateFileW
wvsprintfA
wsprintfA
MessageBoxA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ