f895e19c3779e833612b0d4dc642472c83e31402496ab6c5b1b680ced9eccc73 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-03-19...uk.exe

windows7-x64

5

2024-03-19...uk.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-03-19_51ff9245e608f723616a14fc921f328f_cobalt-strike_ryuk
Size

946KB
Sample

240319-se8yhseg95
MD5

51ff9245e608f723616a14fc921f328f
SHA1

fb3d45be7b0de46c7aa8248ebc876b1628ac9d7d
SHA256

f895e19c3779e833612b0d4dc642472c83e31402496ab6c5b1b680ced9eccc73
SHA512

972b530966afd36d29146308e387ab911bfd54d2650b70c8a3ca16a08cb9ebd84f07aa2ba80f4f83b868a16cfba3c208a2e30ad5f17a6c66d4a6badd1604a0b3
SSDEEP

12288:9lLMLTHAXoUpkdJAdGy2EmqmFrfBCgiw4bivhqGoj85sVPL5qw+Df:4TgnpwJ+R2/qMrfUgYbkhqfj8uqw

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-03-19_51ff9245e608f723616a14fc921f328f_cobalt-strike_ryuk.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-03-19_51ff9245e608f723616a14fc921f328f_cobalt-strike_ryuk.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-03-19_51ff9245e608f723616a14fc921f328f_cobalt-strike_ryuk
- Size
  
  946KB
- MD5
  
  51ff9245e608f723616a14fc921f328f
- SHA1
  
  fb3d45be7b0de46c7aa8248ebc876b1628ac9d7d
- SHA256
  
  f895e19c3779e833612b0d4dc642472c83e31402496ab6c5b1b680ced9eccc73
- SHA512
  
  972b530966afd36d29146308e387ab911bfd54d2650b70c8a3ca16a08cb9ebd84f07aa2ba80f4f83b868a16cfba3c208a2e30ad5f17a6c66d4a6badd1604a0b3
- SSDEEP
  
  12288:9lLMLTHAXoUpkdJAdGy2EmqmFrfBCgiw4bivhqGoj85sVPL5qw+Df:4TgnpwJ+R2/qMrfUgYbkhqfj8uqw
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy