0bbb1d121e265d97ee187ca24909c07a0325d54ad3d05733bac03f5143030ab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-24_88a6743897dcd0d24ce5a2fa2bf4a1f8_bkransomware
Size

71KB
Sample

240624-n9xrhsvcqq
MD5

88a6743897dcd0d24ce5a2fa2bf4a1f8
SHA1

196b5622fd49da60aba6976ee7856c78a25381ad
SHA256

0bbb1d121e265d97ee187ca24909c07a0325d54ad3d05733bac03f5143030ab9
SHA512

86bcad350b1ac417532db15638e409455aadc38a6b5e96218da6edea830513903397cf0de04e1bf7a872eddb65aa97d2608a6e53fcb6e68dea9e7c9c57e6e441
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTy:ZhpAyazIlyazTy

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-06-24_88a6743897dcd0d24ce5a2fa2bf4a1f8_bkransomware
- Size
  
  71KB
- MD5
  
  88a6743897dcd0d24ce5a2fa2bf4a1f8
- SHA1
  
  196b5622fd49da60aba6976ee7856c78a25381ad
- SHA256
  
  0bbb1d121e265d97ee187ca24909c07a0325d54ad3d05733bac03f5143030ab9
- SHA512
  
  86bcad350b1ac417532db15638e409455aadc38a6b5e96218da6edea830513903397cf0de04e1bf7a872eddb65aa97d2608a6e53fcb6e68dea9e7c9c57e6e441
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTy:ZhpAyazIlyazTy
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer