8a7376a229aebba233293c9f6e5d838a7a149f51a62e42dc9c3e936bbbfb9a4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-28_0e4492887d061f61b244c76b56ec9931_bkransomware
Size

96KB
Sample

240528-argexsff3x
MD5

0e4492887d061f61b244c76b56ec9931
SHA1

a3cca1abed9e7895a1a6f837e7c38e61bdf75bab
SHA256

8a7376a229aebba233293c9f6e5d838a7a149f51a62e42dc9c3e936bbbfb9a4a
SHA512

94525c86abcbb01092116ee8d21d74b37b5719aefc7453219ed8d368ff113f28a4414dd4d949273cbe858dbc66a30a48efa3bff358acb092e768e1bfdc974504
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTkgPGhM9oIO2b/u:ZRpAyazIliazTduQUc/u

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-28_0e4492887d061f61b244c76b56ec9931_bkransomware
- Size
  
  96KB
- MD5
  
  0e4492887d061f61b244c76b56ec9931
- SHA1
  
  a3cca1abed9e7895a1a6f837e7c38e61bdf75bab
- SHA256
  
  8a7376a229aebba233293c9f6e5d838a7a149f51a62e42dc9c3e936bbbfb9a4a
- SHA512
  
  94525c86abcbb01092116ee8d21d74b37b5719aefc7453219ed8d368ff113f28a4414dd4d949273cbe858dbc66a30a48efa3bff358acb092e768e1bfdc974504
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTkgPGhM9oIO2b/u:ZRpAyazIliazTduQUc/u
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer