General

  • Target

    2024-05-10_bb67884c73f0b65bca139475e0dc1b08_bkransomware

  • Size

    71KB

  • Sample

    240510-tzsygaaa68

  • MD5

    bb67884c73f0b65bca139475e0dc1b08

  • SHA1

    4d6be9a72ff864a081679f6c120555887c136fea

  • SHA256

    aa7ba767eddc92eb05c97623c5c0c0a4c5e016b8ae59743806e10dc116265710

  • SHA512

    bea877b21a9bf34be743478284659184608f7c52b575e4fb9b7b6a2648b582caca016bf5ff5c17ac5903ccc353d5605aef017420099b0787726a640a23f3c66c

  • SSDEEP

    1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTt:ZhpAyazIlyazTt

Targets

    • Target

      2024-05-10_bb67884c73f0b65bca139475e0dc1b08_bkransomware

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
