General

  • Target: 2024-06-14_78b8d9b5530cf2d66d860142978bf6c4_bkransomware
  • Size: 3.6MB
  • Sample: 240614-jk1pnavarj
  • MD5: 78b8d9b5530cf2d66d860142978bf6c4
  • SHA1: 19f0c0c9024924d73abb5d4dd945caf08c97fb62
  • SHA256: e20daa975fd49841457d1fa998c7ac115d166f975e71787e19e658f1421dde94
  • SHA512: 3b89e18cdfb1cd71ed2f401d7d3983c49d02a616db6e1853f6f27d3a6d42adfcbbc2aea7acc7fb3a5ccf1d5a5b6d5f525ae5a190bc65ff3055dba593dd9e7410
  • SSDEEP: 98304:D0IPByBfkAZWfIjFtUPLjag9RWS69D4f6ocNFwN6BD02mXDu0:SfktCFtILM9k1SfobXDu0

Targets

    • Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers: infostealers often target stored browser data, which can include saved credentials, among other data.
    • Adds Run key to start application
