General

  • Target

    2024-06-12_337a305312764d1905019ce98e14af03_bkransomware

  • Size

    174KB

  • Sample

    240612-rwyy7syclf

  • MD5

    337a305312764d1905019ce98e14af03

  • SHA1

    7fb739f49657e82bfd5a67a546c0669fe27d7515

  • SHA256

    b666e57abc4f3cc49f0951de6612e9e5c380063295c021b5d1990abe1effff59

  • SHA512

    b788faf0be21380d0ef0f50105f760a6437ffc187f5fc5081fc6ff185410f0096eaf2a38c14375a6e525d4bbf34bb5193da8163c346a40beaa7c38f25cf0e55e

  • SSDEEP

    3072:ZhpAyazIlyazTk8TvElyZlobzjzYheNLxSF/UtDF3d3CHdlGFcmfyKFitmG/M:hZMazY8TvElhFUF/0DZql6fpFiD/M

Targets

    • Target

      2024-06-12_337a305312764d1905019ce98e14af03_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
