General

  • Target

    2024-05-24_8b2a2c495d9daaba27121e4d98078a64_bkransomware

  • Size

    13.3MB

  • Sample

    240524-n137yagf58

  • MD5

    8b2a2c495d9daaba27121e4d98078a64

  • SHA1

    792591360b1799abac3b3122cdc03d257a4e6da8

  • SHA256

    fd8c7e02d7f75b8a3db79fcb1c111a6bef08d1ee901b7d9b6006bbe6322a8e17

  • SHA512

    060fe3f4543671ea51f87c774dbdb0d8fb1ae454f259cf91fdb6298197a7db0d423801aab83641b222c046d258aa4d6c6c6a2cb450080e429c45ff7415053c16

  • SSDEEP

    393216:xs67sfpd6d9ZJooUI3l1sUlZTJI9ccpQyB:xIf0qoj3XTHKcUB

Malware Config

Targets

    • Target

      2024-05-24_8b2a2c495d9daaba27121e4d98078a64_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks