Static task
static1
Behavioral task
behavioral1
Sample
2024-06-13_a2707c93dbc920a247c375709abb8304_bkransomware_karagany.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
2024-06-13_a2707c93dbc920a247c375709abb8304_bkransomware_karagany.exe
Resource
win10v2004-20240611-en
General
Target
2024-06-13_a2707c93dbc920a247c375709abb8304_bkransomware_karagany
Size
105KB
MD5
a2707c93dbc920a247c375709abb8304
SHA1
8fc44576d8eaeb6dade8c4206dec03dfa4202966
SHA256
2308b94fe8b4eb5736268ea8affc184130c4ed5b49ff60c1a5ed89b56f0d51ef
SHA512
47e5fb5862074165feb9ee3dffd62d3954b8e8685f31c93a964336b55c329a51165265d809ef44dae9891fd8c944743a4ab024df005f591775497935cc35ad75
SSDEEP
1536:fVonwr31wqTU+I+6sP6utZC+StT6jVfXNJqq+jcLtuln8IFsWjcdnjidVhx21bxt:f7AVMCuu+gxq+Stuln8IqnjidVfAbn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-06-13_a2707c93dbc920a247c375709abb8304_bkransomware_karagany
Files
2024-06-13_a2707c93dbc920a247c375709abb8304_bkransomware_karagany.exe windows:6 windows x86 arch:x86
01438ad557e35ec3def921637a3bfbe7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdiplusStartup
GdiplusShutdown
kernel32
GetStdHandle
WriteConsoleW
SetFilePointerEx
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
CreateEventW
CloseHandle
WaitForSingleObject
lstrlenW
lstrcpyW
lstrcatW
CreateMutexW
WaitForMultipleObjects
CreateFileMappingW
GetLastError
MapViewOfFile
ResetEvent
CreateThread
SetEvent
UnmapViewOfFile
ReleaseMutex
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
GetCommandLineW
EncodePointer
DecodePointer
HeapFree
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
HeapAlloc
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
CreateFileW
GetFileType
DeleteCriticalSection
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapSize
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
GetStringTypeW
LCMapStringW
user32
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
ole32
CoUninitialize
CoInitializeEx
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ