8c7014d28123d35c27fb87345dd0bcc49646d10a73ade7b8809e462fe25a14e9 | Triage

Sharing

General

Target

2024-04-24_71e7a06c271aec4c2a44a40d61eab362_bkransomware
Size

96KB
Sample

240424-2dqj8aah29
MD5

71e7a06c271aec4c2a44a40d61eab362
SHA1

74a41d86f791f9fd75ba3de55e1009e3cf312994
SHA256

8c7014d28123d35c27fb87345dd0bcc49646d10a73ade7b8809e462fe25a14e9
SHA512

43659dbb0aeeffe747287c622e8286838b4a6eb3dd2009d032f3b6fff883ffd0f9d153915837b16d614e9faab46b61c11910d9cc460ed7ff31a0b86615c99735
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTNy+iYU2O0oBeejRklkwmA:ZRpAyazIliazTIlY3ueejGlkwmA

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-24_71e7a06c271aec4c2a44a40d61eab362_bkransomware
- Size
  
  96KB
- MD5
  
  71e7a06c271aec4c2a44a40d61eab362
- SHA1
  
  74a41d86f791f9fd75ba3de55e1009e3cf312994
- SHA256
  
  8c7014d28123d35c27fb87345dd0bcc49646d10a73ade7b8809e462fe25a14e9
- SHA512
  
  43659dbb0aeeffe747287c622e8286838b4a6eb3dd2009d032f3b6fff883ffd0f9d153915837b16d614e9faab46b61c11910d9cc460ed7ff31a0b86615c99735
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTNy+iYU2O0oBeejRklkwmA:ZRpAyazIliazTIlY3ueejGlkwmA
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer