bbeef9ffe514cd16a400dda06fa205fecebb5c8f285b0310c795a62eba5be8fd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-09_c20c4cb0f6ad63d8d683b50842045563_bkransomware
Size

262KB
Sample

240609-k1mcmsgd7s
MD5

c20c4cb0f6ad63d8d683b50842045563
SHA1

358e89482a2018d1d62571bef117c8b3b677dc65
SHA256

bbeef9ffe514cd16a400dda06fa205fecebb5c8f285b0310c795a62eba5be8fd
SHA512

aea57c5c858714dcdc2879d81f009c8c6192034ba038afa07be3e1bff24422ed6fc5cecf557eef11c643727bd4f0b310223b6b35c708de5aefdebfc388f41ff0
SSDEEP

6144:hZMazM5sZChZJpq9qrK8NpFYwDu//ru1PhCqK:hS0M5u998NciunSC9

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-09_c20c4cb0f6ad63d8d683b50842045563_bkransomware
- Size
  
  262KB
- MD5
  
  c20c4cb0f6ad63d8d683b50842045563
- SHA1
  
  358e89482a2018d1d62571bef117c8b3b677dc65
- SHA256
  
  bbeef9ffe514cd16a400dda06fa205fecebb5c8f285b0310c795a62eba5be8fd
- SHA512
  
  aea57c5c858714dcdc2879d81f009c8c6192034ba038afa07be3e1bff24422ed6fc5cecf557eef11c643727bd4f0b310223b6b35c708de5aefdebfc388f41ff0
- SSDEEP
  
  6144:hZMazM5sZChZJpq9qrK8NpFYwDu//ru1PhCqK:hS0M5u998NciunSC9
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer