12e2de0fb559f3f65fa9d70489e27c9fe61ec80198468ad4c6ce6d3bca2e1ada | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-21_b514ca56a92243871c2d83a9226ef167_ryuk
Size

2.2MB
Sample

240421-psr1dabh4w
MD5

b514ca56a92243871c2d83a9226ef167
SHA1

e7d9199a7cb631a8ae442ad860ff7ab315dc0536
SHA256

12e2de0fb559f3f65fa9d70489e27c9fe61ec80198468ad4c6ce6d3bca2e1ada
SHA512

529f6e5fd6c0b0a82b5b2a984ea6a22fdfa9f1021f273e3ec15dfdaa57b574b838183c57c67d2b01d8b3b8b0a5522f8e7dfc02d4247fb9a3e9168911bdf66068
SSDEEP

24576:NOObVw4TaN1wdFukCba4oXtgLhU3wEdmh58Ut2rR8FfBhRJUEbDk1ulUQ:NOOh3aN4FuLbegmtGrt2r4PRSEk1ul

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-04-21_b514ca56a92243871c2d83a9226ef167_ryuk
- Size
  
  2.2MB
- MD5
  
  b514ca56a92243871c2d83a9226ef167
- SHA1
  
  e7d9199a7cb631a8ae442ad860ff7ab315dc0536
- SHA256
  
  12e2de0fb559f3f65fa9d70489e27c9fe61ec80198468ad4c6ce6d3bca2e1ada
- SHA512
  
  529f6e5fd6c0b0a82b5b2a984ea6a22fdfa9f1021f273e3ec15dfdaa57b574b838183c57c67d2b01d8b3b8b0a5522f8e7dfc02d4247fb9a3e9168911bdf66068
- SSDEEP
  
  24576:NOObVw4TaN1wdFukCba4oXtgLhU3wEdmh58Ut2rR8FfBhRJUEbDk1ulUQ:NOOh3aN4FuLbegmtGrt2r4PRSEk1ul
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2