General

  • Target

    2024-06-12_601c830ac8e9620b0e855a4f43d54fae_bkransomware

  • Size

    395KB

  • Sample

    240612-w8g9fayglm

  • MD5

    601c830ac8e9620b0e855a4f43d54fae

  • SHA1

    722c6f13bf9af5905a76dd1ef1505da2e8294108

  • SHA256

    03304b0da8740eff566180674ef83446f2fb9ad57de37db50f8ab94042c84c23

  • SHA512

    5f328d7adbd2dc794fcc6c0a8ff11fad9e22188d44650d2209391787695110d9dde5f459e5bc66aa28a34bd5b1da1746ec9717c1ab590a59cf76853ed17ea86a

  • SSDEEP

    12288:hS0OGSZBBK65+4VMJybM8BCRv33UpKNiFr:DuBBK65+4yJybYv3yKNiFr

Targets

    • Target

      2024-06-12_601c830ac8e9620b0e855a4f43d54fae_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
