5d483469af09609dd4f69ad488f783685d6dfd8966db9659e0e3d6de635465d0 | Triage

Sharing

General

Target

2024-04-30_b54c6004d018138b2c5e097c20bd21bd_ryuk
Size

2.2MB
Sample

240430-szvxdsaa8y
MD5

b54c6004d018138b2c5e097c20bd21bd
SHA1

ca36bd5f31d6aeb2f07f880415abb4ed8e55dd2a
SHA256

5d483469af09609dd4f69ad488f783685d6dfd8966db9659e0e3d6de635465d0
SHA512

ba698cbb8835d0ca141d5ee7ee5291e371b0d5d87149cff2b389f46b2a9b7c4917bf94cc51769d50fc4024e9c11d69738251b1ec3b4178bbc85cc1a02a84668e
SSDEEP

49152:nOOh3aN4kuLbegmtGk8HNUPCAaq8Wdo0:/U4ku/ctx8t4C7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-04-30_b54c6004d018138b2c5e097c20bd21bd_ryuk
- Size
  
  2.2MB
- MD5
  
  b54c6004d018138b2c5e097c20bd21bd
- SHA1
  
  ca36bd5f31d6aeb2f07f880415abb4ed8e55dd2a
- SHA256
  
  5d483469af09609dd4f69ad488f783685d6dfd8966db9659e0e3d6de635465d0
- SHA512
  
  ba698cbb8835d0ca141d5ee7ee5291e371b0d5d87149cff2b389f46b2a9b7c4917bf94cc51769d50fc4024e9c11d69738251b1ec3b4178bbc85cc1a02a84668e
- SSDEEP
  
  49152:nOOh3aN4kuLbegmtGk8HNUPCAaq8Wdo0:/U4ku/ctx8t4C7
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2