338a2419881ff32babc3e806ff0d2cf6b485eb27a9aa3deb9dedd99c5fffcbc4 | Triage

Sharing

General

Target

2024-04-28_749479b2a0fb7eae1e1e386a6e5b2fad_bkransomware
Size

71KB
Sample

240428-m92j2aec74
MD5

749479b2a0fb7eae1e1e386a6e5b2fad
SHA1

2d68947ec779a3d50528ccc93fa0519250242aa1
SHA256

338a2419881ff32babc3e806ff0d2cf6b485eb27a9aa3deb9dedd99c5fffcbc4
SHA512

a1df19e04cc1d5a3de6fa6c0924b47d963cb59dc8e373d57a7d6c5f49f8cd9a439932e9dcb235641d8613d52b1a7d7c4e22b7fb584a01b8bc84da6f304d5b46a
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTM:ZRpAyazIliazTM

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-28_749479b2a0fb7eae1e1e386a6e5b2fad_bkransomware
- Size
  
  71KB
- MD5
  
  749479b2a0fb7eae1e1e386a6e5b2fad
- SHA1
  
  2d68947ec779a3d50528ccc93fa0519250242aa1
- SHA256
  
  338a2419881ff32babc3e806ff0d2cf6b485eb27a9aa3deb9dedd99c5fffcbc4
- SHA512
  
  a1df19e04cc1d5a3de6fa6c0924b47d963cb59dc8e373d57a7d6c5f49f8cd9a439932e9dcb235641d8613d52b1a7d7c4e22b7fb584a01b8bc84da6f304d5b46a
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTM:ZRpAyazIliazTM
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer