e60cdbbcd0091ce0450e45af1021f0eadf75dca1e66c7dc02dbf5cfe3965481e | Triage

Sharing

General

Target

2024-05-24_bc47de6ab74e6387e377739470834afd_bkransomware
Size

159KB
Sample

240524-edpllabh91
MD5

bc47de6ab74e6387e377739470834afd
SHA1

ec1479f70b13eb235d8869011e557117b677b632
SHA256

e60cdbbcd0091ce0450e45af1021f0eadf75dca1e66c7dc02dbf5cfe3965481e
SHA512

ef71ca6edfd6dd04383c6e449ff4cca0dad8f15206272974bdd7583abbb9eeb965ea2ff398fa5f2bc3c88c0b27b4752f742719a73740fb4bebbc53dc38290ef5
SSDEEP

3072:ZhpAyazIlyazTZklTPyhvZIxtuyjgW2YftbvN6WyqWri:hZMaztOuhCWfW2sbvei

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-24_bc47de6ab74e6387e377739470834afd_bkransomware
- Size
  
  159KB
- MD5
  
  bc47de6ab74e6387e377739470834afd
- SHA1
  
  ec1479f70b13eb235d8869011e557117b677b632
- SHA256
  
  e60cdbbcd0091ce0450e45af1021f0eadf75dca1e66c7dc02dbf5cfe3965481e
- SHA512
  
  ef71ca6edfd6dd04383c6e449ff4cca0dad8f15206272974bdd7583abbb9eeb965ea2ff398fa5f2bc3c88c0b27b4752f742719a73740fb4bebbc53dc38290ef5
- SSDEEP
  
  3072:ZhpAyazIlyazTZklTPyhvZIxtuyjgW2YftbvN6WyqWri:hZMaztOuhCWfW2sbvei
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer