81dc7f5b11e5544f61e2d2b0177b337bc09447e01060ccf745362ebbc624ce58 | Triage

Sharing

General

Target

2024-05-29_d34cb830e5d4ad38c26d9a69091a2ec1_bkransomware
Size

71KB
Sample

240529-s847esah8t
MD5

d34cb830e5d4ad38c26d9a69091a2ec1
SHA1

7c0374654a76f28e8d05b412495fb9a2c9ab8ade
SHA256

81dc7f5b11e5544f61e2d2b0177b337bc09447e01060ccf745362ebbc624ce58
SHA512

ab2ebf7b66ee7c6097922c25c332a3871a30031e46c03b259e6bb6d2fd18122902fcfad8952cad18c6b0a691e9cb65ae5c7887ad1edad2b1d7e5d3efa15a9ae6
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT/n:ZhpAyazIlyazT/n

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-05-29_d34cb830e5d4ad38c26d9a69091a2ec1_bkransomware
- Size
  
  71KB
- MD5
  
  d34cb830e5d4ad38c26d9a69091a2ec1
- SHA1
  
  7c0374654a76f28e8d05b412495fb9a2c9ab8ade
- SHA256
  
  81dc7f5b11e5544f61e2d2b0177b337bc09447e01060ccf745362ebbc624ce58
- SHA512
  
  ab2ebf7b66ee7c6097922c25c332a3871a30031e46c03b259e6bb6d2fd18122902fcfad8952cad18c6b0a691e9cb65ae5c7887ad1edad2b1d7e5d3efa15a9ae6
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT/n:ZhpAyazIlyazT/n
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer