General

  • Target

    2024-05-11_129e83537acca69c81942cfc10dbcaa5_bkransomware

  • Size

    918KB

  • Sample

    240512-yff7sagb86

  • MD5

    129e83537acca69c81942cfc10dbcaa5

  • SHA1

    ddb6bd4ae108e1504cdace10bd3d3d1dba8b8f7b

  • SHA256

    0ff12991f0c0397e3e893444dc448e9795c3ba7e94608633a7829d2de923165e

  • SHA512

    c2467c186d38b85da452e1fb2349c3972a73f799f3a18cde6602e1d9bbd9706de1f8433f0c54f9f19aac148c13af07aa268a836c88c0395f88118df0323aa7ef

  • SSDEEP

    12288:hS0d2JEsmFPDM/QARwtftojFVmazZD6q+M8/qTAb0R+zSjRXmrRZwXbUCHGWTzaX:DIio/5QeJVZzgq3KaLtBKwXIVqO

Malware Config

Targets

    • Target

      2024-05-11_129e83537acca69c81942cfc10dbcaa5_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks