798965061d73a83305418cfd1ae44da0fa9291989d5c4f30d62d979cfcdfd5af | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-24...uk.exe

windows7-x64

1

2024-05-24...uk.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-24_814e8cbe828fa002b4eb4ef2918ed15e_ryuk
Size

5.5MB
Sample

240524-txn7hacc44
MD5

814e8cbe828fa002b4eb4ef2918ed15e
SHA1

c51b7075c0bc9587f5f4caff370572933e232b06
SHA256

798965061d73a83305418cfd1ae44da0fa9291989d5c4f30d62d979cfcdfd5af
SHA512

c0165d3e5109d799e01ea2a7f058c15a33d52e8acffe2117590af46da3ec85bd254c886426f938839d16f7eda3488c7f5e330451c0b86cf77a81075d86b890f4
SSDEEP

49152:FEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfh:ZAI5pAdVJn9tbnR1VgBVmSEnW6at

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-24_814e8cbe828fa002b4eb4ef2918ed15e_ryuk.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_814e8cbe828fa002b4eb4ef2918ed15e_ryuk.exe

Resource

win10v2004-20240226-en

spyware stealer

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_814e8cbe828fa002b4eb4ef2918ed15e_ryuk
- Size
  
  5.5MB
- MD5
  
  814e8cbe828fa002b4eb4ef2918ed15e
- SHA1
  
  c51b7075c0bc9587f5f4caff370572933e232b06
- SHA256
  
  798965061d73a83305418cfd1ae44da0fa9291989d5c4f30d62d979cfcdfd5af
- SHA512
  
  c0165d3e5109d799e01ea2a7f058c15a33d52e8acffe2117590af46da3ec85bd254c886426f938839d16f7eda3488c7f5e330451c0b86cf77a81075d86b890f4
- SSDEEP
  
  49152:FEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfh:ZAI5pAdVJn9tbnR1VgBVmSEnW6at
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy