General

  • Target

    2024-04-30_6893be77d70882136c29b526e45cab67_bkransomware

  • Size

    214KB

  • Sample

    240430-ptnpcafb3x

  • MD5

    6893be77d70882136c29b526e45cab67

  • SHA1

    a03d78538de8fbc631c8917166d86a5bdf35dd72

  • SHA256

    8d3bd5ed40021b8b26668cf1b196663f6146ce716dcf93d26f99af926413d522

  • SHA512

    6272e0acf9d99e41862c4213a91c06eecc252ed6f98863b9d5569f4a65d859e1652a9ffbd4ed46f0d85ea4f10d7f25565d8a768ce1c93f97ba3cd3ac350f568d

  • SSDEEP

    3072:ZRpAyazIliazTUy1FcJtV2KT841u1+qSI/klXuzhAtjzA6yQD90P7fU/dBU403R7:xZ8azFAtx6SIY+taz/y+0P7fp3BGw26

Targets

    • Target

      2024-04-30_6893be77d70882136c29b526e45cab67_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
