General

  • Target

    2024-05-24_d8440771bf7006c4f3df035b114f31b6_ryuk

  • Size

    5.5MB

  • Sample

    240524-wq3gnaef34

  • MD5

    d8440771bf7006c4f3df035b114f31b6

  • SHA1

    87cbd57469e03f6921cd4f3c53d62c3ce5609388

  • SHA256

    35f1e1ed2a1e1f3c7f1299a2638cf1b29f3994c3e23af204276507b405402ef6

  • SHA512

    ec6bf5528ecd7d59a00f0832fa20ec58a382210e9cd99d4cccd0759b60a27e5b2de5d4ce40ac8bf748782306fc0d78960699d728f43b90a478e086b8c10f6485

  • SSDEEP

    49152:EEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf/:iAI5pAdVJn9tbnR1VgBVmY1Ms

Score
7/10

Malware Config

Targets

    • Target

      2024-05-24_d8440771bf7006c4f3df035b114f31b6_ryuk

    • Size

      5.5MB

    • MD5

      d8440771bf7006c4f3df035b114f31b6

    • SHA1

      87cbd57469e03f6921cd4f3c53d62c3ce5609388

    • SHA256

      35f1e1ed2a1e1f3c7f1299a2638cf1b29f3994c3e23af204276507b405402ef6

    • SHA512

      ec6bf5528ecd7d59a00f0832fa20ec58a382210e9cd99d4cccd0759b60a27e5b2de5d4ce40ac8bf748782306fc0d78960699d728f43b90a478e086b8c10f6485

    • SSDEEP

      49152:EEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf/:iAI5pAdVJn9tbnR1VgBVmY1Ms

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

System Information Discovery

4
T1082

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

Collection

Data from Local System

1
T1005

Tasks