631b34d8ed91665e29597ee1d80ea29fd713a8d92c809ce29826bce969aa8027 | Triage

Sharing

General

Target

2024-05-21_ef846a72a62332fdedb7fec0375b6d7b_bkransomware
Size

96KB
Sample

240521-tjjd4abc37
MD5

ef846a72a62332fdedb7fec0375b6d7b
SHA1

1926eb7099c6bbdc50c03c97f1e71642ecc809bf
SHA256

631b34d8ed91665e29597ee1d80ea29fd713a8d92c809ce29826bce969aa8027
SHA512

936576e43959f1067575bf5cf458bcc70ad376dcb7550a49be7f26f75871bafda1d6018bd76a5b6d4bfdbd5529da7a3481d1ea5e93ea9bf1e9650bfe56135168
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTK3Qdu++54H0wg2:ZhpAyazIlyazTKghLHhg2

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-21_ef846a72a62332fdedb7fec0375b6d7b_bkransomware
- Size
  
  96KB
- MD5
  
  ef846a72a62332fdedb7fec0375b6d7b
- SHA1
  
  1926eb7099c6bbdc50c03c97f1e71642ecc809bf
- SHA256
  
  631b34d8ed91665e29597ee1d80ea29fd713a8d92c809ce29826bce969aa8027
- SHA512
  
  936576e43959f1067575bf5cf458bcc70ad376dcb7550a49be7f26f75871bafda1d6018bd76a5b6d4bfdbd5529da7a3481d1ea5e93ea9bf1e9650bfe56135168
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTK3Qdu++54H0wg2:ZhpAyazIlyazTKghLHhg2
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer