91c93784b885dfb98732dfc90889827614b33d8be8fbd80e389938d8d2c7811b | Triage

Sharing

General

Target

2024-01-18_c54153dd2ec2cefa32c85dbca33f0c9d_ryuk
Size

5.5MB
Sample

240118-3bmafsfdej
MD5

c54153dd2ec2cefa32c85dbca33f0c9d
SHA1

f9ed01d8a2f1114c5751cb8359d626d7b7775edc
SHA256

91c93784b885dfb98732dfc90889827614b33d8be8fbd80e389938d8d2c7811b
SHA512

3fd54a12a8daf5e411682e86ffaed0c072429b95504291b1582084919cea944f2e2ba9bd962885e24d82cf04a1f68157ac73993ac6e4ec39697fcd87961efdfc
SSDEEP

49152:sEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1bn9tJEUxDG0BYYrLA50IHLGf9:aAI5pAdV9n9tbnR1VgBVmnt2sEE5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-01-18_c54153dd2ec2cefa32c85dbca33f0c9d_ryuk
- Size
  
  5.5MB
- MD5
  
  c54153dd2ec2cefa32c85dbca33f0c9d
- SHA1
  
  f9ed01d8a2f1114c5751cb8359d626d7b7775edc
- SHA256
  
  91c93784b885dfb98732dfc90889827614b33d8be8fbd80e389938d8d2c7811b
- SHA512
  
  3fd54a12a8daf5e411682e86ffaed0c072429b95504291b1582084919cea944f2e2ba9bd962885e24d82cf04a1f68157ac73993ac6e4ec39697fcd87961efdfc
- SSDEEP
  
  49152:sEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1bn9tJEUxDG0BYYrLA50IHLGf9:aAI5pAdV9n9tbnR1VgBVmnt2sEE5
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2