21da264c59d1967e01858e5a6ea3f38970aaff20658627e232b3a3d1a424f124 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

K7RansomwareScn.exe
Size

48.0MB
Sample

230602-b2ff2shf9w
MD5

d64398de2a3bed929c41db5846e186b8
SHA1

6cfeca91ba7fbdd7511a847060519be26879c0ef
SHA256

21da264c59d1967e01858e5a6ea3f38970aaff20658627e232b3a3d1a424f124
SHA512

24b6fdfdf37cdafcb8ced3848be4630dc57994a170855223678a03004459076d894e9dda1e8ae683160b66f94da4b9d812f19366a85c5d5200bc26fe4bc44f79
SSDEEP

786432:xHYcnKEfqobFIaevEBFiMif/RpbTbLju4gjR/u5EEFQA+/Zu:pYcnrSoRJ/ifrXu9u5EEo/

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  K7RansomwareScn.exe
- Size
  
  48.0MB
- MD5
  
  d64398de2a3bed929c41db5846e186b8
- SHA1
  
  6cfeca91ba7fbdd7511a847060519be26879c0ef
- SHA256
  
  21da264c59d1967e01858e5a6ea3f38970aaff20658627e232b3a3d1a424f124
- SHA512
  
  24b6fdfdf37cdafcb8ced3848be4630dc57994a170855223678a03004459076d894e9dda1e8ae683160b66f94da4b9d812f19366a85c5d5200bc26fe4bc44f79
- SSDEEP
  
  786432:xHYcnKEfqobFIaevEBFiMif/RpbTbLju4gjR/u5EEFQA+/Zu:pYcnrSoRJ/ifrXu9u5EEo/
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2