General

  • Target

    2024-11-12_c563ab78982d78567eef7afe59ffbe14_bkransomware

  • Size

    1.8MB

  • Sample

    241112-txp4sswgml

  • MD5

    c563ab78982d78567eef7afe59ffbe14

  • SHA1

    beb1cec859b45befeefac246d9d0a7adf1e70942

  • SHA256

    b640b2d07bc22a5b4c17195d3701942878c8522b3bc279ec5c6dc9a0c1bec66c

  • SHA512

    b0cff301adc3b0836c74e7d0938cc9b4d6643f60bd49bcbf9e758fa002ced679f359d06622e4f2f8b3a7fc0020581dcf0070d2b73e5eedd207ee2cd321d8787f

  • SSDEEP

    49152:dE19+ApwXk1QE1RzsEQPaxHN2kQ/qoLEw:e93wXmoKiqo4w

Malware Config

Targets

    • Target

      2024-11-12_c563ab78982d78567eef7afe59ffbe14_bkransomware

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, session cookies and autofill entries.

    • Drops file in System32 directory
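
The four behavioural signatures above are derived from the sample's process and file activity during the run. The following is an added example, not the sandbox's own signature engine, showing how each of them can be re-derived from a simple event trace: an EXE or DLL counts as "dropped" if a file-create event for its path occurred earlier in the same run, a browser-profile read is a file read under a known profile directory, and a System32 drop is any file create under that directory. The event schema (`kind`, `pid`, `path`), the profile-directory markers and the trace itself are constructed for illustration and do not come from the report.

```python
"""Re-derive sandbox behaviour signatures from a process/file event trace.

Added example; the Event schema and SAMPLE_TRACE are constructed and are
not taken from the sandbox report above.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set


@dataclass(frozen=True)
class Event:
    kind: str   # "file_create", "file_read", "process_create", "image_load"
    pid: int
    path: str   # file path, or image path for process_create / image_load


def norm(path: str) -> str:
    """Windows paths are case-insensitive; compare lower-cased with '/' separators."""
    return path.lower().replace("\\", "/")


# Profile directories (normalised form) whose files hold credentials,
# cookies and autofill data. Constructed list, extend as needed.
BROWSER_PROFILE_MARKERS = (
    "/google/chrome/user data/",
    "/microsoft/edge/user data/",
    "/mozilla/firefox/profiles/",
)
SYSTEM32_PREFIX = "c:/windows/system32/"

# Constructed trace (not from the report): the sample writes a helper EXE
# and DLL to %TEMP%, runs the EXE, which loads the DLL, reads Chrome and
# Firefox profile data, and writes a file into System32.
SAMPLE_TRACE = [
    Event("process_create", 1000, r"C:\Users\victim\Desktop\sample.exe"),
    Event("file_create", 1000, r"C:\Users\victim\AppData\Local\Temp\helper.exe"),
    Event("file_create", 1000, r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    Event("process_create", 1001, r"C:\Users\victim\AppData\Local\Temp\helper.exe"),
    Event("image_load", 1001, r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    Event("file_read", 1001, r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("file_read", 1001, r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"),
    Event("file_create", 1001, r"C:\Windows\System32\upd.dat"),
]


def evaluate(trace: Iterable[Event]) -> Dict[str, List[str]]:
    """Return {signature_name: [evidence paths]} for every signature that fired.

    Events are processed in order, so "dropped" only covers files whose
    creation was observed earlier in the same run; a pre-existing binary
    that is merely executed does not trigger the dropped-EXE signature.
    """
    dropped: Set[str] = set()
    hits: Dict[str, List[str]] = {}

    def fire(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for ev in trace:
        p = norm(ev.path)
        if ev.kind == "file_create":
            dropped.add(p)
            if p.startswith(SYSTEM32_PREFIX):
                fire("Drops file in System32 directory", ev.path)
        elif ev.kind == "process_create" and p in dropped:
            fire("Executes dropped EXE", ev.path)
        elif ev.kind == "image_load" and p in dropped:
            fire("Loads dropped DLL", ev.path)
        elif ev.kind == "file_read" and any(m in p for m in BROWSER_PROFILE_MARKERS):
            fire("Reads user/profile data of web browsers", ev.path)
    return hits


if __name__ == "__main__":
    for name, evidence in evaluate(SAMPLE_TRACE).items():
        print(name)
        for path in evidence:
            print("   ", path)
```

Running the script prints the four signature names from the report, each with the paths that triggered it. The ordering rule matters in practice: a trace that only shows execution of a binary that already existed before the run yields no "Executes dropped EXE" hit, which is the distinction between a dropper stage and a plain process launch.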

MITRE ATT&CK Enterprise v15

Tasks