General

  • Target

    2024-04-03_e7100293ddf772f89795710563a8130b_ryuk

  • Size

    1.7MB

  • Sample

    240403-qallbadh72

  • MD5

    e7100293ddf772f89795710563a8130b

  • SHA1

    12fc87dbd53506ca5f5696237f0c0d97e707a9dc

  • SHA256

    c00051b62d378608698e3b73e7774784fa3061220b66df5ac794b0db92fe72bf

  • SHA512

    e87053888bc50ec619705900e2d7ebfb45915f3aac11f7665f8a589ac5f060f35b5ca19477af573262ef74dc04ec78504b2d321eb50c62e75b469216c7e8ed62

  • SSDEEP

    49152:sgtHUujpj7AewZmZhRdhEHCks7R9L58UqFJjskU:vFh7ZhCC17DVqFJU

Score
7/10

Targets

    • Target

      2024-04-03_e7100293ddf772f89795710563a8130b_ryuk

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
