fbb15eccc4603d3ebce8c19e24f46bbcb39d197ab4a08f80f6ad30c558e564b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-07_6ecdcbf8f1855426d579502dcd04dad6_bkransomware
Size

74KB
Sample

240607-kawhmaed73
MD5

6ecdcbf8f1855426d579502dcd04dad6
SHA1

dd3e172f612dba243ca1a73b28ef4572dd130deb
SHA256

fbb15eccc4603d3ebce8c19e24f46bbcb39d197ab4a08f80f6ad30c558e564b7
SHA512

c5050f59625a93e4ad65aea4a6173ac4c62a19c1128a4ff9f821c32d71b9f49de317f2ffcba141ab3149fa0293709a954ebe6f61518820b6a8132ff4409fb704
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTeD:ZRpAyazIliazTq

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-07_6ecdcbf8f1855426d579502dcd04dad6_bkransomware
- Size
  
  74KB
- MD5
  
  6ecdcbf8f1855426d579502dcd04dad6
- SHA1
  
  dd3e172f612dba243ca1a73b28ef4572dd130deb
- SHA256
  
  fbb15eccc4603d3ebce8c19e24f46bbcb39d197ab4a08f80f6ad30c558e564b7
- SHA512
  
  c5050f59625a93e4ad65aea4a6173ac4c62a19c1128a4ff9f821c32d71b9f49de317f2ffcba141ab3149fa0293709a954ebe6f61518820b6a8132ff4409fb704
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTeD:ZRpAyazIliazTq
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer