4850dc8c4c65e296009fb6398188e1ad8c9531f2da02520cfd4693e4ac7be2f4 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-04-21...uk.exe

windows7-x64

7

2024-04-21...uk.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-21_f8dfd8157ec08f57572108762ef28e25_ryuk
Size

3.2MB
Sample

240421-pntcmsbg3x
MD5

f8dfd8157ec08f57572108762ef28e25
SHA1

e7b7b35ae364636bc8fb4b699a178628325fe7cb
SHA256

4850dc8c4c65e296009fb6398188e1ad8c9531f2da02520cfd4693e4ac7be2f4
SHA512

d1168f02b9b3954b22bcff9bced4f528240381959aa9f4b2127d9f46401486586261dba4c302d87a8ec55a02ecd0f2da6c3c87eeb64f17b4b74dcbfd7f366022
SSDEEP

49152:g5k1YCdptya507NUUWn043oHS3fTIYwVq1/xT3DDbw0TUqy+/snji6attJM:GNhSMYw8yGEnW6at

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-21_f8dfd8157ec08f57572108762ef28e25_ryuk.exe

Resource

win7-20240220-en

spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-21_f8dfd8157ec08f57572108762ef28e25_ryuk.exe

Resource

win10v2004-20240412-en

spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-21_f8dfd8157ec08f57572108762ef28e25_ryuk
- Size
  
  3.2MB
- MD5
  
  f8dfd8157ec08f57572108762ef28e25
- SHA1
  
  e7b7b35ae364636bc8fb4b699a178628325fe7cb
- SHA256
  
  4850dc8c4c65e296009fb6398188e1ad8c9531f2da02520cfd4693e4ac7be2f4
- SHA512
  
  d1168f02b9b3954b22bcff9bced4f528240381959aa9f4b2127d9f46401486586261dba4c302d87a8ec55a02ecd0f2da6c3c87eeb64f17b4b74dcbfd7f366022
- SSDEEP
  
  49152:g5k1YCdptya507NUUWn043oHS3fTIYwVq1/xT3DDbw0TUqy+/snji6attJM:GNhSMYw8yGEnW6at
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy