d444727f4bdd22e3f9f287a36edfea26b0c19a71cb0b688e55824793334e4ff4 | Triage

Sharing

General

Target

2024-06-06_69b8ec7d989d036aa20840a54f3f71f2_bkransomware
Size

214KB
Sample

240606-k3dtaadb66
MD5

69b8ec7d989d036aa20840a54f3f71f2
SHA1

332ffd529d90548493343577ecf7fed4896ea75f
SHA256

d444727f4bdd22e3f9f287a36edfea26b0c19a71cb0b688e55824793334e4ff4
SHA512

5e73838b265c99d8212cac3553634a308fa0ae68ba0b90d7080168022530a1e38b5b04d56d3b7ecb2f455e9028ab13bb0397a34a4597a1e8b7738a2c119958d0
SSDEEP

6144:xZ8azrfbksLXgy6SixE8DH1jhIQMXqqJebFRfKE:xC08sLQfnr1tkqlbFp

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-06_69b8ec7d989d036aa20840a54f3f71f2_bkransomware
- Size
  
  214KB
- MD5
  
  69b8ec7d989d036aa20840a54f3f71f2
- SHA1
  
  332ffd529d90548493343577ecf7fed4896ea75f
- SHA256
  
  d444727f4bdd22e3f9f287a36edfea26b0c19a71cb0b688e55824793334e4ff4
- SHA512
  
  5e73838b265c99d8212cac3553634a308fa0ae68ba0b90d7080168022530a1e38b5b04d56d3b7ecb2f455e9028ab13bb0397a34a4597a1e8b7738a2c119958d0
- SSDEEP
  
  6144:xZ8azrfbksLXgy6SixE8DH1jhIQMXqqJebFRfKE:xC08sLQfnr1tkqlbFp
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer