General

  • Target

    2024-11-08_88574adf6b22687ed4b867a60634bed8_bkransomware

  • Size

    1.8MB

  • Sample

    241108-2bed6s1dmh

  • MD5

    88574adf6b22687ed4b867a60634bed8

  • SHA1

    36879e28e86a180301967aa746e31babaec128b8

  • SHA256

    d4f61d2c92281ea792f9875f829c0f96f834f2f694830ffc7e5fd0d85b0a8a25

  • SHA512

    fe2f440d92a19b502f64367e0d09f70daa63c8ccb0cd6e786ee9e89757901561d891e653c59a4b79e4ab3b60e6d81bf6e2d58ccac761a303df2192e3249ab977

  • SSDEEP

    49152:KE19+ApwXk1QE1RzsEQPaxHNOkQ/qoLEw:P93wXmoKqqo4w

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

    • Drops file in System32 directory
