90ecb39b66c300d8dec72e3eada3ed936d5caa6855c20f4191629fa81ca088b4 | Triage

Sharing

General

Target

2024-05-27_2742d56a7a2a5b906c723ae86d5309e1_bkransomware
Size

71KB
Sample

240527-g7l4nsah91
MD5

2742d56a7a2a5b906c723ae86d5309e1
SHA1

e91dc1a8515f4f13e6277c7c308a61c74496234a
SHA256

90ecb39b66c300d8dec72e3eada3ed936d5caa6855c20f4191629fa81ca088b4
SHA512

9b683ae96f8ea2f6cfcee1124c6977aa32b2adc7e0de1419156a4cbfc219858993daf52efb0968605532f9500ccc7ee723764202d1777f43bce3c60dfeb9359a
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTle:ZhpAyazIlyazTQ

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-27_2742d56a7a2a5b906c723ae86d5309e1_bkransomware
- Size
  
  71KB
- MD5
  
  2742d56a7a2a5b906c723ae86d5309e1
- SHA1
  
  e91dc1a8515f4f13e6277c7c308a61c74496234a
- SHA256
  
  90ecb39b66c300d8dec72e3eada3ed936d5caa6855c20f4191629fa81ca088b4
- SHA512
  
  9b683ae96f8ea2f6cfcee1124c6977aa32b2adc7e0de1419156a4cbfc219858993daf52efb0968605532f9500ccc7ee723764202d1777f43bce3c60dfeb9359a
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTle:ZhpAyazIlyazTQ
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer