General

  • Target

    2024-06-03_ff0cc1c9dbe2c469827a10ac651504b6_bkransomware

  • Size

    71KB

  • Sample

    240603-hmg5nafc9z

  • MD5

    ff0cc1c9dbe2c469827a10ac651504b6

  • SHA1

    90e909876a1878e75d7f1ef8c5690e327ab25960

  • SHA256

    97bfea76db6fd72e3bdd0b6317b5011555f53b96ff2bb63f2dc9147c0b8a5660

  • SHA512

    794c75befc2cb294a3afd85ff6091af51e3d99f1dfaa5dc9e5e110c835d1645b0854d197f4fd08f1e641e3a1fa8aa39f1fe1d2052951ee2b8a56cc0312cd5322

  • SSDEEP

    1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTnK:ZRpAyazIliazTnK

Targets

    • Target

      2024-06-03_ff0cc1c9dbe2c469827a10ac651504b6_bkransomware

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
