048c960b0e1264c05393beb6d71f6e1c101d252d23d260c66d54f5f7d4044e6c | Triage

Sharing

General

Target

2024-02-21_46da0dc6a5c1b0682cc30a004d57ce2a_ryuk
Size

5.0MB
Sample

240221-bfvnvahd35
MD5

46da0dc6a5c1b0682cc30a004d57ce2a
SHA1

0f4f11830e3b5aaa7ca5d9c3ffbfefc36bc3f620
SHA256

048c960b0e1264c05393beb6d71f6e1c101d252d23d260c66d54f5f7d4044e6c
SHA512

4d635500d9fe08a652310f74313ad2d83708631d961aae60762e2d26012df0ae2178b15bfe881ff5e2a670b1b708e251cd2545fa1235cba9a737d77a3de72566
SSDEEP

98304:0UfMOmrHQktlw2Kce26t+JhVWn2xxjsgIzsWu+X3yyYRNNENt:0c23tlKXqXWnAfIzzuEWN

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  2024-02-21_46da0dc6a5c1b0682cc30a004d57ce2a_ryuk
- Size
  
  5.0MB
- MD5
  
  46da0dc6a5c1b0682cc30a004d57ce2a
- SHA1
  
  0f4f11830e3b5aaa7ca5d9c3ffbfefc36bc3f620
- SHA256
  
  048c960b0e1264c05393beb6d71f6e1c101d252d23d260c66d54f5f7d4044e6c
- SHA512
  
  4d635500d9fe08a652310f74313ad2d83708631d961aae60762e2d26012df0ae2178b15bfe881ff5e2a670b1b708e251cd2545fa1235cba9a737d77a3de72566
- SSDEEP
  
  98304:0UfMOmrHQktlw2Kce26t+JhVWn2xxjsgIzsWu+X3yyYRNNENt:0c23tlKXqXWnAfIzzuEWN
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2