785cb716fa93ebadf945b62764868eb9aee6081b31e4058e7ca64f538e914e1a | Triage

Sharing

General

Target

2024-08-05_c36a6061550baa5cd3e3a45ba0bfa6e3_bkransomware
Size

1.6MB
Sample

240805-lm78mawfqa
MD5

c36a6061550baa5cd3e3a45ba0bfa6e3
SHA1

7331f8ebbabd78a9e3d6860e92dc0fcd9bbdf399
SHA256

785cb716fa93ebadf945b62764868eb9aee6081b31e4058e7ca64f538e914e1a
SHA512

5b968969bf4bc9a3c4ff02466e278f12e3681e96b91c094d0f8595232dc3370ff599f522fec0a7183090fde509f89ef45725b86457d2b90ba8f1fb005dd0b316
SSDEEP

12288:i85bM3nKxYfj63hgD1ZiwMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:E3nKi63iOSkQ/7Gb8NLEbeZ

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  2024-08-05_c36a6061550baa5cd3e3a45ba0bfa6e3_bkransomware
- Size
  
  1.6MB
- MD5
  
  c36a6061550baa5cd3e3a45ba0bfa6e3
- SHA1
  
  7331f8ebbabd78a9e3d6860e92dc0fcd9bbdf399
- SHA256
  
  785cb716fa93ebadf945b62764868eb9aee6081b31e4058e7ca64f538e914e1a
- SHA512
  
  5b968969bf4bc9a3c4ff02466e278f12e3681e96b91c094d0f8595232dc3370ff599f522fec0a7183090fde509f89ef45725b86457d2b90ba8f1fb005dd0b316
- SSDEEP
  
  12288:i85bM3nKxYfj63hgD1ZiwMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:E3nKi63iOSkQ/7Gb8NLEbeZ
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer