General

  • Target

    2024-04-21_f75f7e24b5a16a7acfc6c9db9617db0c_ryuk

  • Size

    2.2MB

  • Sample

    240421-zbtsrabb42

  • MD5

    f75f7e24b5a16a7acfc6c9db9617db0c

  • SHA1

    d105cf21bf00c9d8a6ddb577445895734108b960

  • SHA256

    88266c4827239edfaf49e8e8f2abe170fe34e159c24ed605350ff26089f8098f

  • SHA512

    e792c1671eba581ddb95d8119c0e99a6dc085166d706df56bacff469e0508679c09b46307767b321a1865962659d556d592118419e049426526ac76a2c8d7de5

  • SSDEEP

    49152:nOOh3aN4kuLbegmtGB6ZU6CENlc7dpJLrQWd:/U4ku/ct469CEN6rV

Score
7/10

Malware Config

Targets

    • Target

      2024-04-21_f75f7e24b5a16a7acfc6c9db9617db0c_ryuk

    • Size

      2.2MB

    • MD5

      f75f7e24b5a16a7acfc6c9db9617db0c

    • SHA1

      d105cf21bf00c9d8a6ddb577445895734108b960

    • SHA256

      88266c4827239edfaf49e8e8f2abe170fe34e159c24ed605350ff26089f8098f

    • SHA512

      e792c1671eba581ddb95d8119c0e99a6dc085166d706df56bacff469e0508679c09b46307767b321a1865962659d556d592118419e049426526ac76a2c8d7de5

    • SSDEEP

      49152:nOOh3aN4kuLbegmtGB6ZU6CENlc7dpJLrQWd:/U4ku/ct469CEN6rV

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks