General
-
Target
2024-03-15_5734d50c97440228b4c75215158acce8_ryuk
-
Size
14.9MB
-
Sample
240315-g7tthsaa2w
-
MD5
5734d50c97440228b4c75215158acce8
-
SHA1
b5dca39ada6f38faf78524e9aed127a59a830330
-
SHA256
ccd7ef01fa9f0989de6065f729efdec5bb7715378bbaa21c98813642d731778c
-
SHA512
ea0dc9e79ea20bcbc2c089f61aef0c20243bf50a1f9a4539a23a2462da41a8c71e45eac3f6baa48efb0869fe57044062b69edd2e70b5a5530e5780abbb69b8b6
-
SSDEEP
196608:E7AP/NNECwHrc8u3x3AEcq/fByuKlWH3CTouXG:Ea/vQHrc8u3xXJ/f4uUWHW
Malware Config
Targets
-
-
Target
2024-03-15_5734d50c97440228b4c75215158acce8_ryuk
-
Size
14.9MB
-
MD5
5734d50c97440228b4c75215158acce8
-
SHA1
b5dca39ada6f38faf78524e9aed127a59a830330
-
SHA256
ccd7ef01fa9f0989de6065f729efdec5bb7715378bbaa21c98813642d731778c
-
SHA512
ea0dc9e79ea20bcbc2c089f61aef0c20243bf50a1f9a4539a23a2462da41a8c71e45eac3f6baa48efb0869fe57044062b69edd2e70b5a5530e5780abbb69b8b6
-
SSDEEP
196608:E7AP/NNECwHrc8u3x3AEcq/fByuKlWH3CTouXG:Ea/vQHrc8u3xXJ/f4uUWHW
Score9/10-
Detects executables packed with Dotfuscator
-
Detects executables packed with SmartAssembly
-
Detects executables packed with Yano Obfuscator
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-