5de09149abf63f4c8a087b1fe280aebd09623d98707f8c79b096aa790af2669b | Triage

Sharing

General

Target

2024-04-26_96c1742741a797990d9aa1b82138f075_bkransomware
Size

71KB
Sample

240426-kdcjxscg38
MD5

96c1742741a797990d9aa1b82138f075
SHA1

0ad7aee93b1335b1d286d9d287d77bb5ccd4f6b8
SHA256

5de09149abf63f4c8a087b1fe280aebd09623d98707f8c79b096aa790af2669b
SHA512

d004555358e6c82e497fa00949f1453ac8c11655d3a61d79e793d57d768cb6f0bd4cecd0d3e590f95ea6c15ec4ce33c57468f6a07fd8847e82a4739654d26c38
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTp:ZhpAyazIlyazTp

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-26_96c1742741a797990d9aa1b82138f075_bkransomware
- Size
  
  71KB
- MD5
  
  96c1742741a797990d9aa1b82138f075
- SHA1
  
  0ad7aee93b1335b1d286d9d287d77bb5ccd4f6b8
- SHA256
  
  5de09149abf63f4c8a087b1fe280aebd09623d98707f8c79b096aa790af2669b
- SHA512
  
  d004555358e6c82e497fa00949f1453ac8c11655d3a61d79e793d57d768cb6f0bd4cecd0d3e590f95ea6c15ec4ce33c57468f6a07fd8847e82a4739654d26c38
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTp:ZhpAyazIlyazTp
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer