1b6779819997bf86ae3522e3ca87692490c4754cd5a7494acdfc85b2e0360ad4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-05_253c6526ab879eaea08506e1ddf990b5_bkransomware
Size

71KB
Sample

240505-as94magf51
MD5

253c6526ab879eaea08506e1ddf990b5
SHA1

2983300c22bac55f294efdd821ac8dd38e1b3343
SHA256

1b6779819997bf86ae3522e3ca87692490c4754cd5a7494acdfc85b2e0360ad4
SHA512

c9b7aaff004cfbb44fd5cd1212e67e1705fdcff7d6677337f198d24d17f094ac899393963fd5ed31531c2547aab50ca8e1d63903cc2546ee2f10e29fde7d5ce6
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTj:ZhpAyazIlyazTj

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-05_253c6526ab879eaea08506e1ddf990b5_bkransomware
- Size
  
  71KB
- MD5
  
  253c6526ab879eaea08506e1ddf990b5
- SHA1
  
  2983300c22bac55f294efdd821ac8dd38e1b3343
- SHA256
  
  1b6779819997bf86ae3522e3ca87692490c4754cd5a7494acdfc85b2e0360ad4
- SHA512
  
  c9b7aaff004cfbb44fd5cd1212e67e1705fdcff7d6677337f198d24d17f094ac899393963fd5ed31531c2547aab50ca8e1d63903cc2546ee2f10e29fde7d5ce6
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTj:ZhpAyazIlyazTj
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer