9eaade0c6d829a6e2703d68eb843b14189909b78e17a5e2c560e599489f4605d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-24...re.exe

windows7-x64

7

2024-05-24...re.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-24_411f91542c9e4be6ac58e39cb6ee6c56_bkransomware
Size

1.8MB
Sample

240524-zrn77sbb57
MD5

411f91542c9e4be6ac58e39cb6ee6c56
SHA1

896a0a8da0a0356dc575a61a28c9e76d270a1d82
SHA256

9eaade0c6d829a6e2703d68eb843b14189909b78e17a5e2c560e599489f4605d
SHA512

b5c75b879f8f3bc409c84f44cdfada33e00644d9bf1f03bd2148157fa8fa3ce1e9c9b30ebc8a87039e82471b31486523c31868eae78b8b6def405a1f02b957ef
SSDEEP

49152:/E19+ApwXk1QE1RzsEQPaxHNy0vo05s0eusONlP:Q93wXmoK6eD5s0JXP

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-24_411f91542c9e4be6ac58e39cb6ee6c56_bkransomware.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_411f91542c9e4be6ac58e39cb6ee6c56_bkransomware.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_411f91542c9e4be6ac58e39cb6ee6c56_bkransomware
- Size
  
  1.8MB
- MD5
  
  411f91542c9e4be6ac58e39cb6ee6c56
- SHA1
  
  896a0a8da0a0356dc575a61a28c9e76d270a1d82
- SHA256
  
  9eaade0c6d829a6e2703d68eb843b14189909b78e17a5e2c560e599489f4605d
- SHA512
  
  b5c75b879f8f3bc409c84f44cdfada33e00644d9bf1f03bd2148157fa8fa3ce1e9c9b30ebc8a87039e82471b31486523c31868eae78b8b6def405a1f02b957ef
- SSDEEP
  
  49152:/E19+ApwXk1QE1RzsEQPaxHNy0vo05s0eusONlP:Q93wXmoK6eD5s0JXP
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy