General

  • Target

    2024-04-03_1a213a216adae5f9062dba60e8c20155_ryuk

  • Size

    5.5MB

  • Sample

    240403-xfxzvshg94

  • MD5

    1a213a216adae5f9062dba60e8c20155

  • SHA1

    a642dc1b7a95f60cd71ada60c9497ed52c5e02da

  • SHA256

    20976669ef5f33c2bc5e0d5126582acdd778b6603b31a442a826ba500fee898c

  • SHA512

    61eac0b8a7e6ac1c12563cf63ac834a71bc4690311efab969ad63262ec74a71f4d1ca313268db9558794cdabe909bbe5d8197b548c4daf7886321457b4c40bbf

  • SSDEEP

    98304:QAI5pAdV/n9tbnR1VgBVmku0JwAio1/8:QAsC37XYj1iY8

Score
7/10

Malware Config

Targets

    • Target

      2024-04-03_1a213a216adae5f9062dba60e8c20155_ryuk

    • Size

      5.5MB

    • MD5

      1a213a216adae5f9062dba60e8c20155

    • SHA1

      a642dc1b7a95f60cd71ada60c9497ed52c5e02da

    • SHA256

      20976669ef5f33c2bc5e0d5126582acdd778b6603b31a442a826ba500fee898c

    • SHA512

      61eac0b8a7e6ac1c12563cf63ac834a71bc4690311efab969ad63262ec74a71f4d1ca313268db9558794cdabe909bbe5d8197b548c4daf7886321457b4c40bbf

    • SSDEEP

      98304:QAI5pAdV/n9tbnR1VgBVmku0JwAio1/8:QAsC37XYj1iY8

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks