588521f0eea9bce89e593fd591ccab3435353753c4921b0fa6fbd290763a337c | Triage

Sharing

General

Target

2024-04-28_1efce430c2b21deb3fe238459f07f116_bkransomware
Size

71KB
Sample

240428-btrjcadc9y
MD5

1efce430c2b21deb3fe238459f07f116
SHA1

4195b928cd9b2e79bb13efef4285b978afa0767b
SHA256

588521f0eea9bce89e593fd591ccab3435353753c4921b0fa6fbd290763a337c
SHA512

dbf3eeb26a20116670b27a469a4938f5f9fa4853b507ce5c42d8995c6353bc04d40b732fa87eaf1c6289d918605a16bb85371991aa2cef0ee696abab6b2f97b1
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTy:ZRpAyazIliazTy

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-28_1efce430c2b21deb3fe238459f07f116_bkransomware
- Size
  
  71KB
- MD5
  
  1efce430c2b21deb3fe238459f07f116
- SHA1
  
  4195b928cd9b2e79bb13efef4285b978afa0767b
- SHA256
  
  588521f0eea9bce89e593fd591ccab3435353753c4921b0fa6fbd290763a337c
- SHA512
  
  dbf3eeb26a20116670b27a469a4938f5f9fa4853b507ce5c42d8995c6353bc04d40b732fa87eaf1c6289d918605a16bb85371991aa2cef0ee696abab6b2f97b1
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTy:ZRpAyazIliazTy
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer