General

  • Target

    2024-04-28_8b6240d65026c98c40d296fd9f463874_ryuk

  • Size

    5.5MB

  • Sample

    240428-l4hpasdb82

  • MD5

    8b6240d65026c98c40d296fd9f463874

  • SHA1

    415f4c6e2d0d0126341458558cbd011a5c557ffe

  • SHA256

    c6f300b2d261ee2624fafa685cc867d8d64cfc5013130c939d5ce010c8afddf0

  • SHA512

    b3bc9ef9818b86d67063a5fd15c865524beb290727699fddc8c0fe2b30e2ad8e2ddce9eaa8475e40ab3d6e1377dcf45914fdde5cf6d1c435aebd60dedb58caca

  • SSDEEP

    49152:BEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfJ:lAI5pAdVJn9tbnR1VgBVm/65tUV

Score
7/10

Malware Config

Targets

    • Target

      2024-04-28_8b6240d65026c98c40d296fd9f463874_ryuk

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v13)

  • Credential Access

    Unsecured Credentials (T1552): 1
    Credentials In Files (T1552.001): 1

  • Discovery

    System Information Discovery (T1082): 4
    Query Registry (T1012): 3
    Peripheral Device Discovery (T1120): 1

  • Collection

    Data from Local System (T1005): 1

Tasks