13f0706f4b3aed622db919d2ebd33c6c57aa38983fcac5b5f8102d06ba797bd0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-02_961b892b407b350c9abde16e1642f5dc_bkransomware
Size

71KB
Sample

240602-yy7sfsde5x
MD5

961b892b407b350c9abde16e1642f5dc
SHA1

469ac7668adc75958da74f9e02b4bd7f140316d8
SHA256

13f0706f4b3aed622db919d2ebd33c6c57aa38983fcac5b5f8102d06ba797bd0
SHA512

50270ff67201ead9ca7e0733d1bac1187e497cbf6bbced41e8b92cb77cc2824e5f1ffb8fd31bfffe3795b8d9570f1a9a1236983f3666f3376d025b1a95e376a6
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTd:ZhpAyazIlyazTd

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-02_961b892b407b350c9abde16e1642f5dc_bkransomware
- Size
  
  71KB
- MD5
  
  961b892b407b350c9abde16e1642f5dc
- SHA1
  
  469ac7668adc75958da74f9e02b4bd7f140316d8
- SHA256
  
  13f0706f4b3aed622db919d2ebd33c6c57aa38983fcac5b5f8102d06ba797bd0
- SHA512
  
  50270ff67201ead9ca7e0733d1bac1187e497cbf6bbced41e8b92cb77cc2824e5f1ffb8fd31bfffe3795b8d9570f1a9a1236983f3666f3376d025b1a95e376a6
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTd:ZhpAyazIlyazTd
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer