f43ed4f02d7e30ee2de9e41d3b6b13e3b1be2dfac1a5d58f0dd89ca12c170a39 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-05-24...uk.exe

windows7-x64

1

2024-05-24...uk.exe

windows10-2004-x64

7

Sharing

General

Target

2024-05-24_ea2c8a98c166d9c59846cf22789f7248_ryuk
Size

5.5MB
Sample

240524-vfp8xada74
MD5

ea2c8a98c166d9c59846cf22789f7248
SHA1

4ee109bc0ffe5cb64a5d7741464dc81763c16409
SHA256

f43ed4f02d7e30ee2de9e41d3b6b13e3b1be2dfac1a5d58f0dd89ca12c170a39
SHA512

ecc5757b501765357f73f225b32d644cf1a8390615174e2e82c9f5c00654fbced4e2db2adfb66b2307d0d216d57e2f5e1e3e940aa6be3e001e356401cc850162
SSDEEP

49152:9EFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfT:BAI5pAdVJn9tbnR1VgBVmhDb0

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-05-24_ea2c8a98c166d9c59846cf22789f7248_ryuk.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-05-24_ea2c8a98c166d9c59846cf22789f7248_ryuk.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-05-24_ea2c8a98c166d9c59846cf22789f7248_ryuk
- Size
  
  5.5MB
- MD5
  
  ea2c8a98c166d9c59846cf22789f7248
- SHA1
  
  4ee109bc0ffe5cb64a5d7741464dc81763c16409
- SHA256
  
  f43ed4f02d7e30ee2de9e41d3b6b13e3b1be2dfac1a5d58f0dd89ca12c170a39
- SHA512
  
  ecc5757b501765357f73f225b32d644cf1a8390615174e2e82c9f5c00654fbced4e2db2adfb66b2307d0d216d57e2f5e1e3e940aa6be3e001e356401cc850162
- SSDEEP
  
  49152:9EFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfT:BAI5pAdVJn9tbnR1VgBVmhDb0
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy