Overview

overview

7

Static

static

3

2024-08-18...re.exe

windows7-x64

7

2024-08-18...re.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-18_be585ec1173c64f7fad34271fd344b00_bkransomware

  • Size

    144KB

  • Sample

    240818-enty3avapc

  • MD5

    be585ec1173c64f7fad34271fd344b00

  • SHA1

    324b2e1271b52e6c3ba480a39b9ab4bf096a6c4b

  • SHA256

    e4455cc9aff329e4f0ebb6eab86dcf6f6b3a3c3204295997411dd2418ca992db

  • SHA512

    56a47d4902392c733af5f40b805ce2d5715026cab6b4cf7957e65f4ae3b5d43bc87c53c914d8ff85ba939956db351363f1d2a9f6a7616dff571f91cbbbfd9bf6

  • SSDEEP

    3072:ZhpAyazIlyazT74aSLKH0wHKZ5gHwGYhNUkFfQH13BQcYJYxf:hZMazP0p5pNvFfQPHYJYxf

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      2024-08-18_be585ec1173c64f7fad34271fd344b00_bkransomware

    • Size

      144KB

    • MD5

      be585ec1173c64f7fad34271fd344b00

    • SHA1

      324b2e1271b52e6c3ba480a39b9ab4bf096a6c4b

    • SHA256

      e4455cc9aff329e4f0ebb6eab86dcf6f6b3a3c3204295997411dd2418ca992db

    • SHA512

      56a47d4902392c733af5f40b805ce2d5715026cab6b4cf7957e65f4ae3b5d43bc87c53c914d8ff85ba939956db351363f1d2a9f6a7616dff571f91cbbbfd9bf6

    • SSDEEP

      3072:ZhpAyazIlyazT74aSLKH0wHKZ5gHwGYhNUkFfQH13BQcYJYxf:hZMazP0p5pNvFfQPHYJYxf

    Score
    7/10
    discoverypersistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks