ae2ec94526d3ac0c406401fe3c36b3d59f92b053a5f54b742096c3c6fad7498f | Triage

Sharing

General

Target

2024-05-22_8bbd08441efa9d80815315682e75be4c_ryuk
Size

2.2MB
Sample

240522-zfmj8sfh55
MD5

8bbd08441efa9d80815315682e75be4c
SHA1

dc780ce3ed0acd5aa8b904cc8b15b6c4669eae6a
SHA256

ae2ec94526d3ac0c406401fe3c36b3d59f92b053a5f54b742096c3c6fad7498f
SHA512

3dc7558a18500cd1cf737e49c8ed998e9f6f3b1fc30cbda8e1143da07d32f7c870da78d477154ad04dac3743d02ec49bb3189cd72d6459df88f5e3fdd9973d16
SSDEEP

49152:eOOh3aN4kuLbegmtGqYjyJVJyNfyPtYuTt3eIM:oU4ku/ct7YjQHiqPtXBeIM

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-05-22_8bbd08441efa9d80815315682e75be4c_ryuk
- Size
  
  2.2MB
- MD5
  
  8bbd08441efa9d80815315682e75be4c
- SHA1
  
  dc780ce3ed0acd5aa8b904cc8b15b6c4669eae6a
- SHA256
  
  ae2ec94526d3ac0c406401fe3c36b3d59f92b053a5f54b742096c3c6fad7498f
- SHA512
  
  3dc7558a18500cd1cf737e49c8ed998e9f6f3b1fc30cbda8e1143da07d32f7c870da78d477154ad04dac3743d02ec49bb3189cd72d6459df88f5e3fdd9973d16
- SSDEEP
  
  49152:eOOh3aN4kuLbegmtGqYjyJVJyNfyPtYuTt3eIM:oU4ku/ct7YjQHiqPtXBeIM
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2