f8f2e731aee87d83a4fde18c5ec19c558c2b3add86e0f40b8395037bb44288d5 | Triage

Sharing

General

Target

2024-04-23_acdd40786b08124e87b701a99590239c_ryuk
Size

6.8MB
Sample

240423-y3k49abd8t
MD5

acdd40786b08124e87b701a99590239c
SHA1

0db6a4bc0f77de3f5739b146b291281f84468f2b
SHA256

f8f2e731aee87d83a4fde18c5ec19c558c2b3add86e0f40b8395037bb44288d5
SHA512

84e355f726eb451d4d7cdd42f7bda7b4c065163e23b3805e749179cc7cd12e1e65610bf2ad8e2a9822447737706c6e734fd7d2a6ca4f5092422a3c4f085dd9ab
SSDEEP

98304:9GEKDT3NBzuBgQxlUvho0roXWtSrn2vT6:8EKDLNJuNx2v20QWts2m

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-04-23_acdd40786b08124e87b701a99590239c_ryuk
- Size
  
  6.8MB
- MD5
  
  acdd40786b08124e87b701a99590239c
- SHA1
  
  0db6a4bc0f77de3f5739b146b291281f84468f2b
- SHA256
  
  f8f2e731aee87d83a4fde18c5ec19c558c2b3add86e0f40b8395037bb44288d5
- SHA512
  
  84e355f726eb451d4d7cdd42f7bda7b4c065163e23b3805e749179cc7cd12e1e65610bf2ad8e2a9822447737706c6e734fd7d2a6ca4f5092422a3c4f085dd9ab
- SSDEEP
  
  98304:9GEKDT3NBzuBgQxlUvho0roXWtSrn2vT6:8EKDLNJuNx2v20QWts2m
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Downloads MZ/PE file
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1