General

  • Target

    2024-06-14_856b1485bdb888d67f779d94146835fb_bkransomware

  • Size

    71KB

  • Sample

    240614-jm21ha1bnc

  • MD5

    856b1485bdb888d67f779d94146835fb

  • SHA1

    07c5ff79696d134fe7998cd86a47c5e7d73e73c5

  • SHA256

    2f4ddb0801b2aa98136f3987d52bd47650feef13ce97b2771e92518267454166

  • SHA512

    3b0fa272f27b7ba4cb0bba278c29b3547f490c1df09b0ecb36f3b703c97b879632503a982a0ac8502c878ff53959e2d9c49cefd88e0fdb1fe07378d75e8165e0

  • SSDEEP

    1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTxZ:ZhpAyazIlyazTT

Malware Config

Targets

    • Target

      2024-06-14_856b1485bdb888d67f779d94146835fb_bkransomware

    • Size

      71KB

    • MD5

      856b1485bdb888d67f779d94146835fb

    • SHA1

      07c5ff79696d134fe7998cd86a47c5e7d73e73c5

    • SHA256

      2f4ddb0801b2aa98136f3987d52bd47650feef13ce97b2771e92518267454166

    • SHA512

      3b0fa272f27b7ba4cb0bba278c29b3547f490c1df09b0ecb36f3b703c97b879632503a982a0ac8502c878ff53959e2d9c49cefd88e0fdb1fe07378d75e8165e0

    • SSDEEP

      1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTxZ:ZhpAyazIlyazTT

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks