c46d21104e2a58d391e0934fbe9fde82d3d8abc9be384d79975edbb7c84e6d05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-02_f8c39625b93a9d262255af72d2771b08_bkransomware
Size

74KB
Sample

240502-e9plgaha71
MD5

f8c39625b93a9d262255af72d2771b08
SHA1

ee2f2da030486200e5c2763ee2a6c115710d4ecf
SHA256

c46d21104e2a58d391e0934fbe9fde82d3d8abc9be384d79975edbb7c84e6d05
SHA512

bf8dfd5f2f546f2b331147efb3b3ac3801ee03f7045d527e9ce832369cd7ef996e646caab7f6b256eb3dd8b6c039a4cda62caa87c5ca042c320e7f737ec8f553
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT61h0:ZhpAyazIlyazTG0

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-02_f8c39625b93a9d262255af72d2771b08_bkransomware
- Size
  
  74KB
- MD5
  
  f8c39625b93a9d262255af72d2771b08
- SHA1
  
  ee2f2da030486200e5c2763ee2a6c115710d4ecf
- SHA256
  
  c46d21104e2a58d391e0934fbe9fde82d3d8abc9be384d79975edbb7c84e6d05
- SHA512
  
  bf8dfd5f2f546f2b331147efb3b3ac3801ee03f7045d527e9ce832369cd7ef996e646caab7f6b256eb3dd8b6c039a4cda62caa87c5ca042c320e7f737ec8f553
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT61h0:ZhpAyazIlyazTG0
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer