e9992d48eef44fa97ad03ac3f04c9fd79011ecfdbd7ba613b7cff2e26efb0ed6 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-04-28...re.exe

windows7-x64

7

2024-04-28...re.exe

windows10-2004-x64

7

Sharing

General

Target

2024-04-28_c70473aebfc4ae6d27e6e9598c402bb1_bkransomware
Size

712KB
Sample

240428-mb23xadd94
MD5

c70473aebfc4ae6d27e6e9598c402bb1
SHA1

5dd1068699e3d3e0eede76f762f162ba10808552
SHA256

e9992d48eef44fa97ad03ac3f04c9fd79011ecfdbd7ba613b7cff2e26efb0ed6
SHA512

a6220e86748ece3c326468dc31f7545abb8c4d17ae5febddeac44e0db86d3e9d0dd8fbd5d77917ed24fec2cc9906a10d61af44f29bade74c7885e96f8f9145ce
SSDEEP

12288:/tOw6Baq3FN92mrRUDkDTYNmN3Rus3SAFYq8Noz9qirzrEX1fsd7TOoOTd:16Bj1N3RUDHNmdPCAaq8Nozgi/rE0TOj

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-28_c70473aebfc4ae6d27e6e9598c402bb1_bkransomware.exe

Resource

win7-20231129-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-28_c70473aebfc4ae6d27e6e9598c402bb1_bkransomware.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-28_c70473aebfc4ae6d27e6e9598c402bb1_bkransomware
- Size
  
  712KB
- MD5
  
  c70473aebfc4ae6d27e6e9598c402bb1
- SHA1
  
  5dd1068699e3d3e0eede76f762f162ba10808552
- SHA256
  
  e9992d48eef44fa97ad03ac3f04c9fd79011ecfdbd7ba613b7cff2e26efb0ed6
- SHA512
  
  a6220e86748ece3c326468dc31f7545abb8c4d17ae5febddeac44e0db86d3e9d0dd8fbd5d77917ed24fec2cc9906a10d61af44f29bade74c7885e96f8f9145ce
- SSDEEP
  
  12288:/tOw6Baq3FN92mrRUDkDTYNmN3Rus3SAFYq8Noz9qirzrEX1fsd7TOoOTd:16Bj1N3RUDHNmdPCAaq8Nozgi/rE0TOj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy