Overview

overview

7

Static

static

3

2024-04-28...re.exe

windows7-x64

7

2024-04-28...re.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-28_b314e87a6cb8e5f46833969250810354_bkransomware

  • Size

    645KB

  • Sample

    240428-nfjb2aef71

  • MD5

    b314e87a6cb8e5f46833969250810354

  • SHA1

    e316fc6db6d19ea9535bad2be044b252f0e19360

  • SHA256

    264e3b752677bf98576d8d383b197d7c07b751f0c52318fc9423aada3d63e8df

  • SHA512

    02e558a2f0ecf8934effcbf061ea91c494c7004d05d9ea29ec2c5c76355d0d8cad12ba3c411d032b6971eb7a248ca81f77d5c5cfab97fee4a01be41c785d9a39

  • SSDEEP

    12288:hS0fdSGRtLjozpAa3lIgvrEDudwhJskmz8iw0PH08ksGJLGvQTrNHCHdgskwDbFl:Dc+upplIgADudwhJsHzCwH0pLJLh5Edx

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      2024-04-28_b314e87a6cb8e5f46833969250810354_bkransomware

    • Size

      645KB

    • MD5

      b314e87a6cb8e5f46833969250810354

    • SHA1

      e316fc6db6d19ea9535bad2be044b252f0e19360

    • SHA256

      264e3b752677bf98576d8d383b197d7c07b751f0c52318fc9423aada3d63e8df

    • SHA512

      02e558a2f0ecf8934effcbf061ea91c494c7004d05d9ea29ec2c5c76355d0d8cad12ba3c411d032b6971eb7a248ca81f77d5c5cfab97fee4a01be41c785d9a39

    • SSDEEP

      12288:hS0fdSGRtLjozpAa3lIgvrEDudwhJskmz8iw0PH08ksGJLGvQTrNHCHdgskwDbFl:Dc+upplIgADudwhJsHzCwH0pLJLh5Edx

    Score
    7/10
    persistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks