General

  • Target

    2024-04-24_c16c3e51f5867fcda4a9bd4d0d931ace_bkransomware

  • Size

    71KB

  • Sample

    240424-1egs2aab54

  • MD5

    c16c3e51f5867fcda4a9bd4d0d931ace

  • SHA1

    5ad8040dd7e385c9d06609913f3d492e72c256dc

  • SHA256

    798e5e17c58a763c13cd105048c6fef8ad12d40cd3f334b63689a401d2fedd0d

  • SHA512

    efb5cadc5b59e1fc8e4db9e8d7c8fe7fd2cb5de367f5b25eb6af9b9cf684e89f86b3f5c8503aaf886900bd82ce5b81ac5ea6f12423a024a733e04f552cd42eb8

  • SSDEEP

    1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazT78:ZRpAyazIliazT78

Malware Config

Targets

    • Target

      2024-04-24_c16c3e51f5867fcda4a9bd4d0d931ace_bkransomware

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks