General

  • Target

    2024-04-28_b8b95291b6367dc3365d83fd6ad14de3_ryuk

  • Size

    5.5MB

  • Sample

    240428-wpthcsdd23

  • MD5

    b8b95291b6367dc3365d83fd6ad14de3

  • SHA1

    5393917310a1fbee58194ebbc902277769a4c109

  • SHA256

    ab681e032fc54b6808984aa0069920e6b96dd23da20098bc42067c20c3aa3b9b

  • SHA512

    2e526198a1b0af8e06f20a4eb40e82631013394acdc9223bb277be945fffae19eeed7ba73d8d6081159b92330ef1941fb2afcd3ece5022dbcaaf33b401609bfd

  • SSDEEP

    49152:0EFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfr:yAI5pAdVJn9tbnR1VgBVmp65tUV

Score
7/10

Malware Config

Targets

    • Target

      2024-04-28_b8b95291b6367dc3365d83fd6ad14de3_ryuk

    • Size

      5.5MB

    • MD5

      b8b95291b6367dc3365d83fd6ad14de3

    • SHA1

      5393917310a1fbee58194ebbc902277769a4c109

    • SHA256

      ab681e032fc54b6808984aa0069920e6b96dd23da20098bc42067c20c3aa3b9b

    • SHA512

      2e526198a1b0af8e06f20a4eb40e82631013394acdc9223bb277be945fffae19eeed7ba73d8d6081159b92330ef1941fb2afcd3ece5022dbcaaf33b401609bfd

    • SSDEEP

      49152:0EFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfr:yAI5pAdVJn9tbnR1VgBVmp65tUV

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

4
T1082

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

Collection

Data from Local System

1
T1005

Tasks