b7b066a77ec79f811f75b96770fe1d1e9f02ca6c9d4898bfc298101230347f7a | Triage

Sharing

General

Target

2024-05-23_7b63d6078b19f01a820afc4d1c85662a_bkransomware
Size

108KB
Sample

240523-d9cq8scg92
MD5

7b63d6078b19f01a820afc4d1c85662a
SHA1

ade3d124ef86295121e9eb2d4fba6ca4f0aba570
SHA256

b7b066a77ec79f811f75b96770fe1d1e9f02ca6c9d4898bfc298101230347f7a
SHA512

e1847bbe027a5cb9137850b29d0d633824be2959ec6f78d5159ddfb72f9626605ef13c792be348235e21a13a667daf9d85026172033540204bea4b58e913eb89
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTMhUaV76teZBSft2yWFx:ZhpAyazIlyazToVqevSfY/Fx

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-23_7b63d6078b19f01a820afc4d1c85662a_bkransomware
- Size
  
  108KB
- MD5
  
  7b63d6078b19f01a820afc4d1c85662a
- SHA1
  
  ade3d124ef86295121e9eb2d4fba6ca4f0aba570
- SHA256
  
  b7b066a77ec79f811f75b96770fe1d1e9f02ca6c9d4898bfc298101230347f7a
- SHA512
  
  e1847bbe027a5cb9137850b29d0d633824be2959ec6f78d5159ddfb72f9626605ef13c792be348235e21a13a667daf9d85026172033540204bea4b58e913eb89
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTMhUaV76teZBSft2yWFx:ZhpAyazIlyazToVqevSfY/Fx
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer