1f358f0cebae3cbf46d137677967f1fb84f5f15c239d4b31485da760afa1253f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-04_127300b9d577a04995d0e9784e757ce9_bkransomware
Size

71KB
Sample

240704-1mkvnashra
MD5

127300b9d577a04995d0e9784e757ce9
SHA1

53583e536f09eb9bf260522dfa8cf340c1a22702
SHA256

1f358f0cebae3cbf46d137677967f1fb84f5f15c239d4b31485da760afa1253f
SHA512

b99662e5ed85c30717b51e6a98113235b15d12df8c86f26c2c2fb9b19d4223e741a9eff3450ed5693e2563474f33e7752e42333188befe6292b2c314e4307b49
SSDEEP

1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTg:ZRpAyazIliazTg

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-07-04_127300b9d577a04995d0e9784e757ce9_bkransomware
- Size
  
  71KB
- MD5
  
  127300b9d577a04995d0e9784e757ce9
- SHA1
  
  53583e536f09eb9bf260522dfa8cf340c1a22702
- SHA256
  
  1f358f0cebae3cbf46d137677967f1fb84f5f15c239d4b31485da760afa1253f
- SHA512
  
  b99662e5ed85c30717b51e6a98113235b15d12df8c86f26c2c2fb9b19d4223e741a9eff3450ed5693e2563474f33e7752e42333188befe6292b2c314e4307b49
- SSDEEP
  
  1536:Fc8N7UsWjcd9w+AyabjDbxE+MwmvlzuazTg:ZRpAyazIliazTg
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer