2024-09-21_ecf9dca47649a621d2ccf979722ff9dc_bkransomware_drokbk_karagany | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-21_ecf9dca47649a621d2ccf979722ff9dc_bkransomware_drokbk_karagany
Size

4.2MB
MD5

ecf9dca47649a621d2ccf979722ff9dc
SHA1

0334a0578b31406d0f93bca14922065250c8b9f3
SHA256

1a5c30870bff28b9b8ccca752990823cf46a728e711c41def4c812d8a01609af
SHA512

e65c197326056b3d348ee01151a0d2de8d603565a06e23315f0e69f9b3ef8a0a55917045309b26dfa49027ea23c65dd371d9f4d4ec7ad791322899226f44ac5c
SSDEEP

98304:mhpizYc6e3QAj8qdGRH7FGyDb+uHcozw8SAGTFaavGdZiOohb:0izD92RtDb+uHcvHzTFaaudZiR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-21_ecf9dca47649a621d2ccf979722ff9dc_bkransomware_drokbk_karagany

Files

2024-09-21_ecf9dca47649a621d2ccf979722ff9dc_bkransomware_drokbk_karagany
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ