4aa398030fa123d5ee21788cc951f19864b2aff92e22d87ef77ab14d006b85c3 | Triage

Sharing

General

Target

2024-05-03_2356db4b7d446403982ced9cafb3eee2_bkransomware
Size

71KB
Sample

240503-nzjrxadg5v
MD5

2356db4b7d446403982ced9cafb3eee2
SHA1

b9cced7c713acc1c7313e02402fb68ffb9a9e361
SHA256

4aa398030fa123d5ee21788cc951f19864b2aff92e22d87ef77ab14d006b85c3
SHA512

134a0b6c231b4458ccbee3c7fea2044d67273846cf5373844676c68b76c76c7946126d1ed7f69fde149338ccfea46ed859a3666a261811762732f8d0e5fb3276
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT0:ZhpAyazIlyazT0

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-03_2356db4b7d446403982ced9cafb3eee2_bkransomware
- Size
  
  71KB
- MD5
  
  2356db4b7d446403982ced9cafb3eee2
- SHA1
  
  b9cced7c713acc1c7313e02402fb68ffb9a9e361
- SHA256
  
  4aa398030fa123d5ee21788cc951f19864b2aff92e22d87ef77ab14d006b85c3
- SHA512
  
  134a0b6c231b4458ccbee3c7fea2044d67273846cf5373844676c68b76c76c7946126d1ed7f69fde149338ccfea46ed859a3666a261811762732f8d0e5fb3276
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT0:ZhpAyazIlyazT0
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer