General

  • Target

    2024-04-28_ec1f6305e06564efb9b8552327f8eed2_bkransomware

  • Size

    28.0MB

  • Sample

    240428-xp1r4seh5w

  • MD5

    ec1f6305e06564efb9b8552327f8eed2

  • SHA1

    422d90377a959278be55158f42fdaec16af925db

  • SHA256

    744748e93af9462359490c1982181f838ba70332cb9deb6f3635d5b69d13dad8

  • SHA512

    ed5e580e733bcd858ec54c0e63d6836c6e1415717f50c720b9567c55f9494b52c4daaffc64428d20a4c525be5725930dba51a7cc3f044cd37aef24c68bbe288d

  • SSDEEP

    786432:mNSx9bbKv4/4Ezdsh/Z+m+OWGWIuoaMheuY3gmq11t:mNSx1Kv4AEpU/Zporo0ux3D

Malware Config

Targets

    • Target

      2024-04-28_ec1f6305e06564efb9b8552327f8eed2_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks