Overview

overview

7

Static

static

3

2024-05-24...uk.exe

windows7-x64

1

2024-05-24...uk.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-24_4e049ca8feed9b78e5559d7629305585_ryuk

  • Size

    5.5MB

  • Sample

    240524-q73k4agc3y

  • MD5

    4e049ca8feed9b78e5559d7629305585

  • SHA1

    b64672f82ec20efe0191be72b5e0631594c8f2a7

  • SHA256

    1200a850cfb01dfab244902e1d70244df80d8572b91e19f69a057335745483d7

  • SHA512

    bcccc4cb69fa59b005b8e4065ae9cd45002b62ef4d4f5a61bb1a5bde2df4c61371611b8342f92b10e39a20e76243c0ef075fc41ae43095e01a34d8be7ba7a710

  • SSDEEP

    98304:7AI5pAdVJn9tbnR1VgBVmhRVlbnP9WXW7H6C:7AsCh7XY4HBVH

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      2024-05-24_4e049ca8feed9b78e5559d7629305585_ryuk

    • Size

      5.5MB

    • MD5

      4e049ca8feed9b78e5559d7629305585

    • SHA1

      b64672f82ec20efe0191be72b5e0631594c8f2a7

    • SHA256

      1200a850cfb01dfab244902e1d70244df80d8572b91e19f69a057335745483d7

    • SHA512

      bcccc4cb69fa59b005b8e4065ae9cd45002b62ef4d4f5a61bb1a5bde2df4c61371611b8342f92b10e39a20e76243c0ef075fc41ae43095e01a34d8be7ba7a710

    • SSDEEP

      98304:7AI5pAdVJn9tbnR1VgBVmhRVlbnP9WXW7H6C:7AsCh7XY4HBVH

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

4
T1082

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks