fc737c06f39636c60d85be8b7612337e8c132cf089e250458d9e88b76046586a | Triage

Sharing

General

Target

2024-05-22_c5b6e457b5fb55f74a3b0dc1c260c5f5_bkransomware
Size

321KB
Sample

240522-zjx55sfh7w
MD5

c5b6e457b5fb55f74a3b0dc1c260c5f5
SHA1

0e13f5f96d9ab579f77da700a118a85eb9b4b62e
SHA256

fc737c06f39636c60d85be8b7612337e8c132cf089e250458d9e88b76046586a
SHA512

0bea6327fe8ba4f4da4d1e13c20c99d9766676f8bcd1a6da993d107be83a8e4be67b578b0a53d4a7279022f3b17fa900a35f243682e6f5a035187d2683843838
SSDEEP

6144:xZ8azcOCNXarguTb0GvvlKyIGwb0bsuPArdVpD/WJc:xC0cTq0OD3JIRwfAxVL

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-22_c5b6e457b5fb55f74a3b0dc1c260c5f5_bkransomware
- Size
  
  321KB
- MD5
  
  c5b6e457b5fb55f74a3b0dc1c260c5f5
- SHA1
  
  0e13f5f96d9ab579f77da700a118a85eb9b4b62e
- SHA256
  
  fc737c06f39636c60d85be8b7612337e8c132cf089e250458d9e88b76046586a
- SHA512
  
  0bea6327fe8ba4f4da4d1e13c20c99d9766676f8bcd1a6da993d107be83a8e4be67b578b0a53d4a7279022f3b17fa900a35f243682e6f5a035187d2683843838
- SSDEEP
  
  6144:xZ8azcOCNXarguTb0GvvlKyIGwb0bsuPArdVpD/WJc:xC0cTq0OD3JIRwfAxVL
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer