676113e6889a3d42495deb705ebd3a82baf4a5d908f7e40f2ac291428b58516e | Triage

Sharing

General

Target

2024-05-24_9cb9e394ab54a7f7c83d85fbe2e4c784_bkransomware
Size

73KB
Sample

240524-n2zadage9x
MD5

9cb9e394ab54a7f7c83d85fbe2e4c784
SHA1

5d57356c08d88dd63a98e6f3858438537ac352f2
SHA256

676113e6889a3d42495deb705ebd3a82baf4a5d908f7e40f2ac291428b58516e
SHA512

68872278376ef56362e8783ee95df6636ddd3cbbd320a5066e7caad1178bd583b0604382a104c5e20aa70a141da9ee5ce0a6ea3d1a6025a0e57ad89eb4d0086f
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazToFP:ZRpAyazIliazToZ

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-24_9cb9e394ab54a7f7c83d85fbe2e4c784_bkransomware
- Size
  
  73KB
- MD5
  
  9cb9e394ab54a7f7c83d85fbe2e4c784
- SHA1
  
  5d57356c08d88dd63a98e6f3858438537ac352f2
- SHA256
  
  676113e6889a3d42495deb705ebd3a82baf4a5d908f7e40f2ac291428b58516e
- SHA512
  
  68872278376ef56362e8783ee95df6636ddd3cbbd320a5066e7caad1178bd583b0604382a104c5e20aa70a141da9ee5ce0a6ea3d1a6025a0e57ad89eb4d0086f
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazToFP:ZRpAyazIliazToZ
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer