0ff2f2975876d801afb0e04ab6916d143f91b77e22a6a8f02ffe2d6201cd5e58 | Triage

Sharing

General

Target

2024-06-16_a50781946720ed52e9c447db69fd4370_bkransomware
Size

96KB
Sample

240616-d14hla1hlj
MD5

a50781946720ed52e9c447db69fd4370
SHA1

5297f8d1684beddc776d6a24e64005b61f5b0300
SHA256

0ff2f2975876d801afb0e04ab6916d143f91b77e22a6a8f02ffe2d6201cd5e58
SHA512

ee31182edf9e7a29705a4c817d32dd5429ecbc5f75994cc07e1eb75c4c25b5e472f89ba8df936f0295b8adeeb099c52fcaf4682305b413f7289dd795f399c95e
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTwWx+UhVIwPvGZv0p8N3:ZhpAyazIlyazTwa5PS0OF

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-16_a50781946720ed52e9c447db69fd4370_bkransomware
- Size
  
  96KB
- MD5
  
  a50781946720ed52e9c447db69fd4370
- SHA1
  
  5297f8d1684beddc776d6a24e64005b61f5b0300
- SHA256
  
  0ff2f2975876d801afb0e04ab6916d143f91b77e22a6a8f02ffe2d6201cd5e58
- SHA512
  
  ee31182edf9e7a29705a4c817d32dd5429ecbc5f75994cc07e1eb75c4c25b5e472f89ba8df936f0295b8adeeb099c52fcaf4682305b413f7289dd795f399c95e
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTwWx+UhVIwPvGZv0p8N3:ZhpAyazIlyazTwa5PS0OF
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer