General

  • Target

    2024-04-03_f20e6b22d8e4d9df82aceec26a12aa5f_ryuk

  • Size

    1.8MB

  • Sample

    240403-mln9sscf34

  • MD5

    f20e6b22d8e4d9df82aceec26a12aa5f

  • SHA1

    5314aae0a4db009eeee53b76c5817e21a65777b2

  • SHA256

    e8120cca3243174642aa8c527b2377553aed137547288cfb8079f1ed540b6b59

  • SHA512

    4536123e2b8a7c2f9b29626bed7cd0b90f72a4d51256dbd3ae248656b24a5bc140b97ad5a2fad522cdcc13443cbec7a9fbc219fa603a4ab0d9e8ea3cb4fb418d

  • SSDEEP

    49152:RKfuPS3ELNjV7IZxEfOfOgwf0FgDUYmvFur31yAipQCtXxc0H:Sm9sZxwgkU7dG1yfpVBlH

Score
9/10

Malware Config

Targets

    • Detects executables containing base64 encoded gzip files

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks