1a900607d0b90eb2731b15b3e881237a1b20560e3718a2c250580540aefa42ac | Triage

Sharing

General

Target

2024-04-26_584876fc3c8902bddc115deb6622ff00_bkransomware
Size

71KB
Sample

240426-fbpdgsaa86
MD5

584876fc3c8902bddc115deb6622ff00
SHA1

b4f750f290729e4451a3dd3b7f715397d5b93f92
SHA256

1a900607d0b90eb2731b15b3e881237a1b20560e3718a2c250580540aefa42ac
SHA512

bc2b1a1880ffbd09ec0e843afb6cc337cf4303014a85413155c460b5457c1fad11099d1b1ec8754e018a4e483a4112f7ac5222d7c1610276dcc195be9fa47784
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTs:ZhpAyazIlyazTs

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-26_584876fc3c8902bddc115deb6622ff00_bkransomware
- Size
  
  71KB
- MD5
  
  584876fc3c8902bddc115deb6622ff00
- SHA1
  
  b4f750f290729e4451a3dd3b7f715397d5b93f92
- SHA256
  
  1a900607d0b90eb2731b15b3e881237a1b20560e3718a2c250580540aefa42ac
- SHA512
  
  bc2b1a1880ffbd09ec0e843afb6cc337cf4303014a85413155c460b5457c1fad11099d1b1ec8754e018a4e483a4112f7ac5222d7c1610276dcc195be9fa47784
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTs:ZhpAyazIlyazTs
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer