d3e3ef9a45bbd707b32b4761949cb4480b217c6a6739a4c8b6b0fbc892b0beee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-01-23_3334a88e14aef54b58eb4cbf57f997d5_ryuk
Size

2.2MB
Sample

240123-vayyvsddd4
MD5

3334a88e14aef54b58eb4cbf57f997d5
SHA1

14cfeb94e0318aac70c03d681069393958db3688
SHA256

d3e3ef9a45bbd707b32b4761949cb4480b217c6a6739a4c8b6b0fbc892b0beee
SHA512

62df9f78eb0e799a5e09c2e74820e1c3cea4c8ff9a10f5ae98dbdea65f179c913ca45845e0fcf26225690df00a790f3370ab284785c0faadfb7f6293acce67af
SSDEEP

49152:fOOh3aN4kuLbegmtGBgDUYmvFur31yAipQCtXxc0H:3U4ku/ctTU7dG1yfpVBlH

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-01-23_3334a88e14aef54b58eb4cbf57f997d5_ryuk
- Size
  
  2.2MB
- MD5
  
  3334a88e14aef54b58eb4cbf57f997d5
- SHA1
  
  14cfeb94e0318aac70c03d681069393958db3688
- SHA256
  
  d3e3ef9a45bbd707b32b4761949cb4480b217c6a6739a4c8b6b0fbc892b0beee
- SHA512
  
  62df9f78eb0e799a5e09c2e74820e1c3cea4c8ff9a10f5ae98dbdea65f179c913ca45845e0fcf26225690df00a790f3370ab284785c0faadfb7f6293acce67af
- SSDEEP
  
  49152:fOOh3aN4kuLbegmtGBgDUYmvFur31yAipQCtXxc0H:3U4ku/ctTU7dG1yfpVBlH
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2