9931340fecead361b76a4070ceac2503fc17a10423f2c2c84b37cac503e52030 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-09_2621cfc2e22757f4565a3a6af2be12e5_bkransomware
Size

71KB
Sample

240509-w4xtbsgd7x
MD5

2621cfc2e22757f4565a3a6af2be12e5
SHA1

385ccb7bc002d8ecf4b783000e0060badc3cb65b
SHA256

9931340fecead361b76a4070ceac2503fc17a10423f2c2c84b37cac503e52030
SHA512

6b4c99d272d843d9b5f94e894cf31d6e666fa71bb5847c6f15f5b06e4ee7da9c621d0ca3b154123f04839541de7dc80591a8d8309e12edcdf34e09333183c4e3
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTl:ZRpAyazIliazTl

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-09_2621cfc2e22757f4565a3a6af2be12e5_bkransomware
- Size
  
  71KB
- MD5
  
  2621cfc2e22757f4565a3a6af2be12e5
- SHA1
  
  385ccb7bc002d8ecf4b783000e0060badc3cb65b
- SHA256
  
  9931340fecead361b76a4070ceac2503fc17a10423f2c2c84b37cac503e52030
- SHA512
  
  6b4c99d272d843d9b5f94e894cf31d6e666fa71bb5847c6f15f5b06e4ee7da9c621d0ca3b154123f04839541de7dc80591a8d8309e12edcdf34e09333183c4e3
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTl:ZRpAyazIliazTl
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer