a866ac6a9730ca33291d2e54a5a42ba170512e0a7d5c72db67818b5316a68c17 | Triage

Sharing

General

Target

2024-05-01_5e5e54dd46b67c7716ca25261b03d1f9_bkransomware
Size

71KB
Sample

240501-q21vbagb6s
MD5

5e5e54dd46b67c7716ca25261b03d1f9
SHA1

eeee30a15fb173a19b0df4d5b40c2bc7357b1aa0
SHA256

a866ac6a9730ca33291d2e54a5a42ba170512e0a7d5c72db67818b5316a68c17
SHA512

c07401672f21ac844a45e25bddf07cf3d65a18eca5fba6dc6b0c84b108fecff229560b403b30458e6ed8ae66cafb4f2e23ac10a672dcf8e9a2947b8f1304b0bb
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazT7:ZRpAyazIliazT7

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-01_5e5e54dd46b67c7716ca25261b03d1f9_bkransomware
- Size
  
  71KB
- MD5
  
  5e5e54dd46b67c7716ca25261b03d1f9
- SHA1
  
  eeee30a15fb173a19b0df4d5b40c2bc7357b1aa0
- SHA256
  
  a866ac6a9730ca33291d2e54a5a42ba170512e0a7d5c72db67818b5316a68c17
- SHA512
  
  c07401672f21ac844a45e25bddf07cf3d65a18eca5fba6dc6b0c84b108fecff229560b403b30458e6ed8ae66cafb4f2e23ac10a672dcf8e9a2947b8f1304b0bb
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazT7:ZRpAyazIliazT7
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer