General

  • Target

    2024-02-23_7777965385f9180b50b561a78fc44ff1_ryuk

  • Size

    14.9MB

  • Sample

    240223-nmkhnsfc81

  • MD5

    7777965385f9180b50b561a78fc44ff1

  • SHA1

    2647dd3fc7b5a911301474af679c4db9f33f7842

  • SHA256

    29847ebafcead5a736de54c9a6ece3966787f43fb5a34542d56b77c5145d8acb

  • SHA512

    ab23b1b9536b27da1f8867bfc4c3d2795ffaa7b1b4cc407546b9184ca92c65255ea4919e800ea649236d4ba9e967777bd4b2b44c4ce3770b3990acd53c1939f9

  • SSDEEP

    196608:S7AP/NNECwHrc8u3x3AEcq/fByuKlWH3CToufqrR:Sa/vQHrc8u3xXJ/f4uUWHd

Targets

    • Target

      2024-02-23_7777965385f9180b50b561a78fc44ff1_ryuk

    • Detects executables packed with Dotfuscator

    • Detects executables packed with SmartAssembly

    • Detects executables packed with Yano Obfuscator

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
