2024-08-22_52346c3d8295d9fe050c09febbd7ec48_bkransomware | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-22_52346c3d8295d9fe050c09febbd7ec48_bkransomware
Size

80.6MB
MD5

52346c3d8295d9fe050c09febbd7ec48
SHA1

4b0d05c09c9a5b8cbf767018bfd61e701c4e58fe
SHA256

dd3b3509a064debc20c40ac8bb93b70f7ffbd231010733c5afa561d0e6316d47
SHA512

5998a85508f70940d632524a39c2ffe04568731636312e673856ecdec2518bc15d705ca63ab0b9a6a9515b2401f55d9013e36bb523859365d68decfe6c01a4e9
SSDEEP

3072:XujuVgwYsAp6wXhZIevIyyzQ351wboutvBk:XujpwYXUwEuyCTeoS5k

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-22_52346c3d8295d9fe050c09febbd7ec48_bkransomware

Files

2024-08-22_52346c3d8295d9fe050c09febbd7ec48_bkransomware
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE