4c8321ed53b502e63bf6b2f982b48735600512eba7a1d5d5997a04cef0ad5bc4 | Triage

Sharing

General

Target

2024-07-01_21b0507568f89591ce925dae453c4974_bkransomware
Size

74KB
Sample

240701-s6nfwsxhqa
MD5

21b0507568f89591ce925dae453c4974
SHA1

ac6387815ae7edc05078df96428b22561533435a
SHA256

4c8321ed53b502e63bf6b2f982b48735600512eba7a1d5d5997a04cef0ad5bc4
SHA512

4b510b9b5e8255e6e83eee33007f5cec62d96d7544af0c8281c919394a44e620ab8f5e3a5dea17c2bb620f69106ad2637485a750a91ea95dda3c1cfb31db1c99
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTho:ZhpAyazIlyazTho

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-07-01_21b0507568f89591ce925dae453c4974_bkransomware
- Size
  
  74KB
- MD5
  
  21b0507568f89591ce925dae453c4974
- SHA1
  
  ac6387815ae7edc05078df96428b22561533435a
- SHA256
  
  4c8321ed53b502e63bf6b2f982b48735600512eba7a1d5d5997a04cef0ad5bc4
- SHA512
  
  4b510b9b5e8255e6e83eee33007f5cec62d96d7544af0c8281c919394a44e620ab8f5e3a5dea17c2bb620f69106ad2637485a750a91ea95dda3c1cfb31db1c99
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTho:ZhpAyazIlyazTho
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer