d23a721cf8f9c381afe18b364fa8c3f86d097e74f0a5de76ae19a3f44221c3e9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-02-21...uk.exe

windows10-2004-x64

7

Sharing

General

Target

2024-02-21_432534a97dce902e629bcf675bd79763_ryuk
Size

1.3MB
Sample

240221-2fmlcagb7z
MD5

432534a97dce902e629bcf675bd79763
SHA1

b4b35048d8599899198443049bf32466319fbcc8
SHA256

d23a721cf8f9c381afe18b364fa8c3f86d097e74f0a5de76ae19a3f44221c3e9
SHA512

2d059c298ed39e4d4c44cb6392e8a7bfd88ebfd12a86ca704d83336b2447cf1e0e7a7832b3ef33e0fd3c57ab7ebf36930c8073413cccc886b45a936fac5ff46f
SSDEEP

12288:PsixPwnLuXdP7In9w5/lmFN0YNG4JEhBRK2tNLbrMKU5vBXd:PZFwLutP69KlPY9EhBRxtNLM5vBXd

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-02-21_432534a97dce902e629bcf675bd79763_ryuk.exe

Resource

win10v2004-20240221-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-02-21_432534a97dce902e629bcf675bd79763_ryuk
- Size
  
  1.3MB
- MD5
  
  432534a97dce902e629bcf675bd79763
- SHA1
  
  b4b35048d8599899198443049bf32466319fbcc8
- SHA256
  
  d23a721cf8f9c381afe18b364fa8c3f86d097e74f0a5de76ae19a3f44221c3e9
- SHA512
  
  2d059c298ed39e4d4c44cb6392e8a7bfd88ebfd12a86ca704d83336b2447cf1e0e7a7832b3ef33e0fd3c57ab7ebf36930c8073413cccc886b45a936fac5ff46f
- SSDEEP
  
  12288:PsixPwnLuXdP7In9w5/lmFN0YNG4JEhBRK2tNLbrMKU5vBXd:PZFwLutP69KlPY9EhBRxtNLM5vBXd
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy