General
Target: 2024-06-20_c115f276310367495c865a6b9a25b365_bkransomware_karagany
Size: 1.8MB
Sample: 240620-saxdxsxfkk
MD5: c115f276310367495c865a6b9a25b365
SHA1: 043b0ffc9d1efd995a02e14ce1263b0ff032fe04
SHA256: ea9b6026aea3a93b028e37fd35a4683cff2b64df6f1b7a2f41beaaa93a6acc9e
SHA512: b75e92c23af7a2b1bb276690b17e08c82a1b4b25c34e894f5c5c4ae45c923567fedc37a6bd4022c39bdd19b19ed12300f3a85df8837cdbf3a3c10134ba570dd1
SSDEEP: 24576:zPbuyt09l71Xl65v+JmJuyOC3dCasolj5PRU9xW5Q7wQA5iF7k814QGl6ezyUtKc:zDuyt0/6mmpwK5X5Q7nS3Jt4SfRXbcw
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-20_c115f276310367495c865a6b9a25b365_bkransomware_karagany.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2024-06-20_c115f276310367495c865a6b9a25b365_bkransomware_karagany.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 7/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Pre-OS Boot (1)
    Bootkit (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)