General

  • Target

    2024-10-26_f59f91301009ad6650a8c65ff601736b_bkransomware

  • Size

    1.8MB

  • Sample

    241026-flqz3a1flq

  • MD5

    f59f91301009ad6650a8c65ff601736b

  • SHA1

    0cb23805b172b43e09c0957944277ac9976ca466

  • SHA256

    2c864f5eb4f8953b536d023d68fb9d35d09359b3fe39306715c50573e022e4db

  • SHA512

    bc9a629607b3b9aea8d1364e022515275534e11888b6a99d1393a6ff8cfd83f592ef302be0426be2229504b39c27c798ddcdabc423e11efe5e1db6b60e094d92

  • SSDEEP

    49152:5Ey9+ApwXk1QE1RzsEQPaxHNE/snji6attJM:h93wXmoK8EnW6at

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
