General

  • Target

    2024-06-28_babad6a9ebc50cbca4b001ed750a0e5b_bkransomware

  • Size

    24.4MB

  • Sample

    240628-pxdcsasglq

  • MD5

    babad6a9ebc50cbca4b001ed750a0e5b

  • SHA1

    9444b5fe0e332022446439bc6e63fd26c04f1f81

  • SHA256

    578c2c76517adfa3d691d59c0b608eb881a40d75d8a662065993fb9c8c999b28

  • SHA512

    00633f4717228f8a7b08be95446a23910f8b4fde170ea877a98d0a8317e1e73e84c0c9faf9fa4d9880e6e699b13a29f37766d0095fe92f50be67bfedc7ee047e

  • SSDEEP

    786432:8qdDFicSm20ZqhUzvAp8NIA/NfZEuFj0ym5Ad7Y2GCJ3q:8qdocP20sKv/FlREuF3TGCJ3q

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
