General

  • Target

    2024-06-12_e462f722981336ceb40159641c72f9d5_bkransomware

  • Size

    71KB

  • Sample

    240612-3pf1layhkm

  • MD5

    e462f722981336ceb40159641c72f9d5

  • SHA1

    5d99cbda4bada2f6dcd78b75354c2766d276e205

  • SHA256

    385cf2c58fe92f2abbedbd53dd5d8152ade5954112b801cff1b149df5e3273cb

  • SHA512

    114b88279d8797ce712e40f0052c21ec1e1025df03b7cc434e1308b9d752aa49235bde8b7e5cdd15bf6c4595203d4259e9eb272abcfc3690105b37b51532d1a9

  • SSDEEP

    1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTd:ZhpAyazIlyazTd

Targets

    • Target

      2024-06-12_e462f722981336ceb40159641c72f9d5_bkransomware

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application
