5c4e414a9df742c7f3bac4ca14282d038dbfa96eac4c87570ecd67de7159c2f5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-05-11...re.exe

windows7-x64

7

2024-05-11...re.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-11_05438e7dd1965623cd07875ca8d1ec17_bkransomware
Size

1.8MB
Sample

240512-xxqbcaca4w
MD5

05438e7dd1965623cd07875ca8d1ec17
SHA1

74f1bf2ac9af65c8495947fdf1fa6d9025c17e0e
SHA256

5c4e414a9df742c7f3bac4ca14282d038dbfa96eac4c87570ecd67de7159c2f5
SHA512

15c88c42762502a076d1f1ba4abc31ec047427ee10a28eb808b31ab1dcc1eae171351936522971f42ffbf6bcb7347a91ca2ba131950e9b7151f45e2a5c64c3d5
SSDEEP

49152:TE19+ApwXk1QE1RzsEQPaxHNm3OPV6Vp:093wXmoKe3C6Vp

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-11_05438e7dd1965623cd07875ca8d1ec17_bkransomware.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-11_05438e7dd1965623cd07875ca8d1ec17_bkransomware.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-11_05438e7dd1965623cd07875ca8d1ec17_bkransomware
- Size
  
  1.8MB
- MD5
  
  05438e7dd1965623cd07875ca8d1ec17
- SHA1
  
  74f1bf2ac9af65c8495947fdf1fa6d9025c17e0e
- SHA256
  
  5c4e414a9df742c7f3bac4ca14282d038dbfa96eac4c87570ecd67de7159c2f5
- SHA512
  
  15c88c42762502a076d1f1ba4abc31ec047427ee10a28eb808b31ab1dcc1eae171351936522971f42ffbf6bcb7347a91ca2ba131950e9b7151f45e2a5c64c3d5
- SSDEEP
  
  49152:TE19+ApwXk1QE1RzsEQPaxHNm3OPV6Vp:093wXmoKe3C6Vp
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy