dcd26232071ef65c117d6b07bbc2e1c225a6d75978ed1b9f96327fb73686ceb0 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-21...re.exe

windows7-x64

7

2024-05-21...re.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-21_f7b3b13f12e7d9c61a0be731afee14d9_bkransomware
Size

712KB
Sample

240521-pyl2baec7x
MD5

f7b3b13f12e7d9c61a0be731afee14d9
SHA1

c1d16361cb724e30e1b4eecbcb7b21739bfb15ee
SHA256

dcd26232071ef65c117d6b07bbc2e1c225a6d75978ed1b9f96327fb73686ceb0
SHA512

17c770003c41b1f6617cb9e086a604868602673f08634c8518ea9617d46751dcac4bce0ac542aac0629b01fd4de6cd65ff83815f70d89e051750f8a614cdab97
SSDEEP

12288:rtOw6BaL6JvY67VMBNO/aXpXI22+VufvdIOKek1h4TA8bXQJYe:Z6B86J17W8CX32+KJNA80T

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-21_f7b3b13f12e7d9c61a0be731afee14d9_bkransomware.exe

Resource

win7-20240419-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-21_f7b3b13f12e7d9c61a0be731afee14d9_bkransomware.exe

Resource

win10v2004-20240426-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-21_f7b3b13f12e7d9c61a0be731afee14d9_bkransomware
- Size
  
  712KB
- MD5
  
  f7b3b13f12e7d9c61a0be731afee14d9
- SHA1
  
  c1d16361cb724e30e1b4eecbcb7b21739bfb15ee
- SHA256
  
  dcd26232071ef65c117d6b07bbc2e1c225a6d75978ed1b9f96327fb73686ceb0
- SHA512
  
  17c770003c41b1f6617cb9e086a604868602673f08634c8518ea9617d46751dcac4bce0ac542aac0629b01fd4de6cd65ff83815f70d89e051750f8a614cdab97
- SSDEEP
  
  12288:rtOw6BaL6JvY67VMBNO/aXpXI22+VufvdIOKek1h4TA8bXQJYe:Z6B86J17W8CX32+KJNA80T
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy