4aec4515bf65e91794dcc70a63e57c1fbb7102a4bd6a1a5b91acabe0e1fbc8b2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-14_82b76b3bee31b799314994b88a08173c_bkransomware
Size

168KB
Sample

240614-sgesfszbjl
MD5

82b76b3bee31b799314994b88a08173c
SHA1

626cf66ebc16280743d5086306118b537d36f66b
SHA256

4aec4515bf65e91794dcc70a63e57c1fbb7102a4bd6a1a5b91acabe0e1fbc8b2
SHA512

6fecba1eecc7bb60a4120beda0478cd76cd03093016014470beab3b5061a8c8ed7bb9eb13d6933d9f32bdf20d9ab02f3fd86c142c8d11db1e1268b38b3bdb879
SSDEEP

3072:ZhpAyazIlyazTKmsoki0zssfRgBuhyiACpCd0k:hZMazu6szsaNhxC

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-14_82b76b3bee31b799314994b88a08173c_bkransomware
- Size
  
  168KB
- MD5
  
  82b76b3bee31b799314994b88a08173c
- SHA1
  
  626cf66ebc16280743d5086306118b537d36f66b
- SHA256
  
  4aec4515bf65e91794dcc70a63e57c1fbb7102a4bd6a1a5b91acabe0e1fbc8b2
- SHA512
  
  6fecba1eecc7bb60a4120beda0478cd76cd03093016014470beab3b5061a8c8ed7bb9eb13d6933d9f32bdf20d9ab02f3fd86c142c8d11db1e1268b38b3bdb879
- SSDEEP
  
  3072:ZhpAyazIlyazTKmsoki0zssfRgBuhyiACpCd0k:hZMazu6szsaNhxC
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer