a4ec1baa25d3cd7847ee9913f26a3e8da99d7434553c80d00fe3e24fb47f5dda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-04_33a935fdf2d85ab2f053c4f544a5f586_bkransomware
Size

71KB
Sample

240504-jc7s1aac48
MD5

33a935fdf2d85ab2f053c4f544a5f586
SHA1

07750d8d1a539d982654ee50c204c4fb7bac39eb
SHA256

a4ec1baa25d3cd7847ee9913f26a3e8da99d7434553c80d00fe3e24fb47f5dda
SHA512

1bbe8d4d8d11d0cc57274a9619de5648223f80dc160eb86f0ca649b2ce44ee56d7ef3f0231de5a519aa7b15051509de00de804650e3650247dd681d8b8e7c75f
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTO:ZRpAyazIliazTO

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-04_33a935fdf2d85ab2f053c4f544a5f586_bkransomware
- Size
  
  71KB
- MD5
  
  33a935fdf2d85ab2f053c4f544a5f586
- SHA1
  
  07750d8d1a539d982654ee50c204c4fb7bac39eb
- SHA256
  
  a4ec1baa25d3cd7847ee9913f26a3e8da99d7434553c80d00fe3e24fb47f5dda
- SHA512
  
  1bbe8d4d8d11d0cc57274a9619de5648223f80dc160eb86f0ca649b2ce44ee56d7ef3f0231de5a519aa7b15051509de00de804650e3650247dd681d8b8e7c75f
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTO:ZRpAyazIliazTO
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer