ff75a73a7a841d20cc79927bde6adbcaa52a907804de14406ffba7683d20fa00 | Triage

Sharing

General

Target

2024-04-28_2810f130f7c9476332d676d4269800ca_bkransomware
Size

214KB
Sample

240428-mw3j6sdh96
MD5

2810f130f7c9476332d676d4269800ca
SHA1

01b2955d41b5668c1b01ad4acd820c237e3f0ba6
SHA256

ff75a73a7a841d20cc79927bde6adbcaa52a907804de14406ffba7683d20fa00
SHA512

764e73aee1e595682dd3c8d1d77c0cee408235c775b9aced46e430e1575929d0a21c36a03ac13dfa86bb870588408e602f182e72f8e7a86b890613668e281e28
SSDEEP

6144:xZ8azvnv4dXkMBVJYsVG/OGygj4WAW0ms:xC0fakMBVOyLEj4M0B

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-04-28_2810f130f7c9476332d676d4269800ca_bkransomware
- Size
  
  214KB
- MD5
  
  2810f130f7c9476332d676d4269800ca
- SHA1
  
  01b2955d41b5668c1b01ad4acd820c237e3f0ba6
- SHA256
  
  ff75a73a7a841d20cc79927bde6adbcaa52a907804de14406ffba7683d20fa00
- SHA512
  
  764e73aee1e595682dd3c8d1d77c0cee408235c775b9aced46e430e1575929d0a21c36a03ac13dfa86bb870588408e602f182e72f8e7a86b890613668e281e28
- SSDEEP
  
  6144:xZ8azvnv4dXkMBVJYsVG/OGygj4WAW0ms:xC0fakMBVOyLEj4M0B
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer