General

  • Target

    2024-06-11_56005583470a69f5bbe7178e6716a221_bkransomware

  • Size

    518KB

  • Sample

    240611-veljbsthpm

  • MD5

    56005583470a69f5bbe7178e6716a221

  • SHA1

    247b69c6733fd528b8248351550eff2da9858c08

  • SHA256

    fcad3d3ca8a4e5178fc63957963d7909494c520a9a9e44377cd23e37f46baa06

  • SHA512

    2e877ad205a99360e37b54179eab3afd206e085a19af26c623ae560a0aa13c49fc41c7d8b8f99217a9f89307f8d8636c6f6e48c88e42402b4e949a61256b1d56

  • SSDEEP

    12288:hS0MZb0h+56g5+REQnU+bqo7+ulQGlW+obVaNuF1DML:DM10hC6tREQ/d7VlQGsLZaNum

Targets

    • Target

      2024-06-11_56005583470a69f5bbe7178e6716a221_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
