Overview

overview

7

Static

static

3

2024-04-28...uk.exe

windows7-x64

7

2024-04-28...uk.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-28_170a64b127d299a9da3682c4e935f26c_ryuk

  • Size

    1.1MB

  • Sample

    240428-wmrkzsdc75

  • MD5

    170a64b127d299a9da3682c4e935f26c

  • SHA1

    6c265b7411a70975a0e5a4d16c5ccd6aa7fc489c

  • SHA256

    98cfd16b11304be056dce24af429e32dfc183cd9fc71fc50602fae2e4d668c0f

  • SHA512

    bbe0a75864917292f9f1ea8a637b749a71da1e0299b6d4b0f983f579c474d01528567dff005c73f3cf94785726684b8b64433d0bd51bcd332005795b5703c919

  • SSDEEP

    24576:WSi1SoCU5qJSr1eWPSCsP0MugC6eTaqMrfUgYbkhqfj8uqw:GS7PLjeT+rfPOkhqvq

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      2024-04-28_170a64b127d299a9da3682c4e935f26c_ryuk

    • Size

      1.1MB

    • MD5

      170a64b127d299a9da3682c4e935f26c

    • SHA1

      6c265b7411a70975a0e5a4d16c5ccd6aa7fc489c

    • SHA256

      98cfd16b11304be056dce24af429e32dfc183cd9fc71fc50602fae2e4d668c0f

    • SHA512

      bbe0a75864917292f9f1ea8a637b749a71da1e0299b6d4b0f983f579c474d01528567dff005c73f3cf94785726684b8b64433d0bd51bcd332005795b5703c919

    • SSDEEP

      24576:WSi1SoCU5qJSr1eWPSCsP0MugC6eTaqMrfUgYbkhqfj8uqw:GS7PLjeT+rfPOkhqvq

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

3
T1082

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks