76182839fedf03f84dc5b962b447521df50d5985fa13a1e08c8680a3f644a00f | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-22...re.exe

windows7-x64

7

2024-05-22...re.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-22_2e203b80e0b2beeda861990e9f50f299_bkransomware
Size

712KB
Sample

240522-y9kgasfd5x
MD5

2e203b80e0b2beeda861990e9f50f299
SHA1

dc1ae218ee7487f78ed7144a56e573f7a1118e66
SHA256

76182839fedf03f84dc5b962b447521df50d5985fa13a1e08c8680a3f644a00f
SHA512

32377f66d6b2ee9dc1ce2890762adde7898e748a3ea14375d97edb6a58f5c6d85072a1530a6e19e5601dee887200770441a52d322736c40f1fb1d49551e98e74
SSDEEP

12288:CtOw6Ba2geKznl5TXJR0j3p2pVUrrQuLoWTF23JVbd0UILzXSocmKdYNq6:86BJ7ozX0j52pMkuLoiSJVlIL29mhNq6

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-22_2e203b80e0b2beeda861990e9f50f299_bkransomware.exe

Resource

win7-20240419-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-22_2e203b80e0b2beeda861990e9f50f299_bkransomware.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-22_2e203b80e0b2beeda861990e9f50f299_bkransomware
- Size
  
  712KB
- MD5
  
  2e203b80e0b2beeda861990e9f50f299
- SHA1
  
  dc1ae218ee7487f78ed7144a56e573f7a1118e66
- SHA256
  
  76182839fedf03f84dc5b962b447521df50d5985fa13a1e08c8680a3f644a00f
- SHA512
  
  32377f66d6b2ee9dc1ce2890762adde7898e748a3ea14375d97edb6a58f5c6d85072a1530a6e19e5601dee887200770441a52d322736c40f1fb1d49551e98e74
- SSDEEP
  
  12288:CtOw6Ba2geKznl5TXJR0j3p2pVUrrQuLoWTF23JVbd0UILzXSocmKdYNq6:86BJ7ozX0j52pMkuLoiSJVlIL29mhNq6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy