4b6ec354e2b5762b42fbd692a2126e1f6a3a216cd5c1a32df7ca377d59acabf7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-04_3de038aa04235403167cde0f8d5812c2_bkransomware
Size

96KB
Sample

241004-svgh7s1grn
MD5

3de038aa04235403167cde0f8d5812c2
SHA1

542e20f52fff41ea9f72ca9cb30f8c1b6dfcbdea
SHA256

4b6ec354e2b5762b42fbd692a2126e1f6a3a216cd5c1a32df7ca377d59acabf7
SHA512

98fb300a6b6fbf2e20388c76c8c488e9dd0f0c3f201a5ae50544b8fc2e879275b6774f07320bb32628e9937d57bc56a7523308ae580b6976ae5085407c11c89b
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTdtDBL4W+fD9BylXc9Ftj25LjdBTZX:ZhpAyazIlyazTdovDj+4sBF

Score

7^/10

discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  2024-10-04_3de038aa04235403167cde0f8d5812c2_bkransomware
- Size
  
  96KB
- MD5
  
  3de038aa04235403167cde0f8d5812c2
- SHA1
  
  542e20f52fff41ea9f72ca9cb30f8c1b6dfcbdea
- SHA256
  
  4b6ec354e2b5762b42fbd692a2126e1f6a3a216cd5c1a32df7ca377d59acabf7
- SHA512
  
  98fb300a6b6fbf2e20388c76c8c488e9dd0f0c3f201a5ae50544b8fc2e879275b6774f07320bb32628e9937d57bc56a7523308ae580b6976ae5085407c11c89b
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTdtDBL4W+fD9BylXc9Ftj25LjdBTZX:ZhpAyazIlyazTdovDj+4sBF
Score

7^/10

discovery persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealer

behavioral2

discoverypersistencespywarestealer