Overview

overview

7

Static

static

3

2024-04-28...uk.exe

windows7-x64

1

2024-04-28...uk.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-28_69328701147ffe4d1495f95070734da6_ryuk

  • Size

    2.2MB

  • Sample

    240428-n8j42afc76

  • MD5

    69328701147ffe4d1495f95070734da6

  • SHA1

    c5f03d4a3868db47e72c5cd6813d4cd605ddbf19

  • SHA256

    c2b5bf1caa420ca87a4b1ff4013e0a25201f228201aba113caf62339284a2bca

  • SHA512

    a210e91182985b6f35430c1f1d8d6ffc65e155797789bd6c4603d0a9531cf41c795f5e8925bec6f7acbe3508b2d2961e2e128b231e41378ff82b527ad5553b63

  • SSDEEP

    49152:5OOh3aN4kuLbegmtGs19zPkAwtdwKzDX4JE:hU4ku/ctbh8AydV

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      2024-04-28_69328701147ffe4d1495f95070734da6_ryuk

    • Size

      2.2MB

    • MD5

      69328701147ffe4d1495f95070734da6

    • SHA1

      c5f03d4a3868db47e72c5cd6813d4cd605ddbf19

    • SHA256

      c2b5bf1caa420ca87a4b1ff4013e0a25201f228201aba113caf62339284a2bca

    • SHA512

      a210e91182985b6f35430c1f1d8d6ffc65e155797789bd6c4603d0a9531cf41c795f5e8925bec6f7acbe3508b2d2961e2e128b231e41378ff82b527ad5553b63

    • SSDEEP

      49152:5OOh3aN4kuLbegmtGs19zPkAwtdwKzDX4JE:hU4ku/ctbh8AydV

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks