2d0fa1e49bea8abcfdaefdd97a56486f27dbaf10f09df39a19a8a1bea25553d7 | Triage

Sharing

General

Target

2024-04-15_1daea250f0f39cf8e6e3ace932a38cec_ryuk
Size

2.2MB
Sample

240415-hw2wesbf8v
MD5

1daea250f0f39cf8e6e3ace932a38cec
SHA1

425d6e0bf8d6f716b87c21d81600e98e0e0d1cad
SHA256

2d0fa1e49bea8abcfdaefdd97a56486f27dbaf10f09df39a19a8a1bea25553d7
SHA512

94fa1cbe481954c89f8cd8a3ad4932c50673f1268dac72bf98de5bd9eb293e693f71760f38706df0cf8f09acca9f447f6f8c6ab9e7d1431e03d74de5b3a7a8fb
SSDEEP

24576:nOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58c1SwPHU8X31PfU17DhZy0lxHZ9/I:nOOh3aN4kuLbegmtGcw/3FPfUNDZ4

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-04-15_1daea250f0f39cf8e6e3ace932a38cec_ryuk
- Size
  
  2.2MB
- MD5
  
  1daea250f0f39cf8e6e3ace932a38cec
- SHA1
  
  425d6e0bf8d6f716b87c21d81600e98e0e0d1cad
- SHA256
  
  2d0fa1e49bea8abcfdaefdd97a56486f27dbaf10f09df39a19a8a1bea25553d7
- SHA512
  
  94fa1cbe481954c89f8cd8a3ad4932c50673f1268dac72bf98de5bd9eb293e693f71760f38706df0cf8f09acca9f447f6f8c6ab9e7d1431e03d74de5b3a7a8fb
- SSDEEP
  
  24576:nOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58c1SwPHU8X31PfU17DhZy0lxHZ9/I:nOOh3aN4kuLbegmtGcw/3FPfUNDZ4
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2