238fe60c1631f7143579fe9f20a3e12d0546534956bda449dc3749e81e294c7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-14_e68c213ebf05bdde837e71079ca45eb3_ryuk
Size

2.2MB
Sample

240514-v6qblagb6t
MD5

e68c213ebf05bdde837e71079ca45eb3
SHA1

dee79e927b36cfee029b973e3236e7a671db6282
SHA256

238fe60c1631f7143579fe9f20a3e12d0546534956bda449dc3749e81e294c7f
SHA512

913f116e857993cd6feb68383e40c89860c4a359312236efb6d4099a5db3e672acedd2a9a1375b44aac8ac535c7976122ec53096ad42def0f9c69c726d09c265
SSDEEP

24576:pOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58g1SwPHU8X31PfU17DhZy0lxHZ9/I:pOOh3aN4kuLbegmtGcw/3FPfUNDZ4

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-05-14_e68c213ebf05bdde837e71079ca45eb3_ryuk
- Size
  
  2.2MB
- MD5
  
  e68c213ebf05bdde837e71079ca45eb3
- SHA1
  
  dee79e927b36cfee029b973e3236e7a671db6282
- SHA256
  
  238fe60c1631f7143579fe9f20a3e12d0546534956bda449dc3749e81e294c7f
- SHA512
  
  913f116e857993cd6feb68383e40c89860c4a359312236efb6d4099a5db3e672acedd2a9a1375b44aac8ac535c7976122ec53096ad42def0f9c69c726d09c265
- SSDEEP
  
  24576:pOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58g1SwPHU8X31PfU17DhZy0lxHZ9/I:pOOh3aN4kuLbegmtGcw/3FPfUNDZ4
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2