General

  • Target

    2024-11-14_62ce7246e67818ebf0037520ef74a625_bkransomware

  • Size

    76KB

  • Sample

    241114-nmvzeaxqes

  • MD5

    62ce7246e67818ebf0037520ef74a625

  • SHA1

    b1f05db5aed2d06bfef3bee01113846ee104d682

  • SHA256

    2b96cd5afc94fad547fd92b53d5b0a49e545dd33434248049461000080e3b433

  • SHA512

    de424d8dc347568c22afeb8c310bfa2daa48fdf7dabd97657496e1db5b7c7e59ddfc5bc52d2a66b6bf25f4e4fb8f12b33c04a30159cebe541a0ced9d2f95e8b6

  • SSDEEP

    1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazTF48eiDs:ZhpAyazIlyazTzPDs

Targets

    • Target

      2024-11-14_62ce7246e67818ebf0037520ef74a625_bkransomware

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
