383e04cc53d06cdf31235cbce56c3b6f7ad8a3def771fd723ff9648db87d1adb | Triage

Sharing

General

Target

2024-05-29_694389f5fe3d942957d3057cde4b3084_bkransomware
Size

71KB
Sample

240529-n4p5gsec36
MD5

694389f5fe3d942957d3057cde4b3084
SHA1

d3f5db605c9cfebd61b228cf5744fcc8f6cffd78
SHA256

383e04cc53d06cdf31235cbce56c3b6f7ad8a3def771fd723ff9648db87d1adb
SHA512

b41c11b453293b353d1b1113d62139b762bfc94520937ff58a130b88d1666e3adb61cdb5c4ecc893db430459c1c43f2a926147e4c3b1b921a6798f48d1706a46
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTS:ZhpAyazIlyazTS

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-29_694389f5fe3d942957d3057cde4b3084_bkransomware
- Size
  
  71KB
- MD5
  
  694389f5fe3d942957d3057cde4b3084
- SHA1
  
  d3f5db605c9cfebd61b228cf5744fcc8f6cffd78
- SHA256
  
  383e04cc53d06cdf31235cbce56c3b6f7ad8a3def771fd723ff9648db87d1adb
- SHA512
  
  b41c11b453293b353d1b1113d62139b762bfc94520937ff58a130b88d1666e3adb61cdb5c4ecc893db430459c1c43f2a926147e4c3b1b921a6798f48d1706a46
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTS:ZhpAyazIlyazTS
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer