bb5a610691b6842eb01e544bd2cdd80184a616c9d618e90a213b0361125f0d19 | Triage

Sharing

General

Target

2024-05-24_ab743095a632c9474f7311c0491df47e_ryuk
Size

2.2MB
Sample

240524-xvdjrsgb58
MD5

ab743095a632c9474f7311c0491df47e
SHA1

9db1db204c0504ea16072616712497071fccee0b
SHA256

bb5a610691b6842eb01e544bd2cdd80184a616c9d618e90a213b0361125f0d19
SHA512

6141b8b2492d7eb8910e4c9352ec5a7c8ef66aee78ddb75cfead53c525b6d9b68fb97ff7a0dc3c65d2cfa8321f625c8112321b9c7c611172a20360083a91b026
SSDEEP

24576:GOObVw4TaN1wdFukCba4oXtgLhU3wEdmh584sqjnhMgeiCl7G0nehbGZpbD:GOOh3aN4FuLbegmtGfDmg27RnWGj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-05-24_ab743095a632c9474f7311c0491df47e_ryuk
- Size
  
  2.2MB
- MD5
  
  ab743095a632c9474f7311c0491df47e
- SHA1
  
  9db1db204c0504ea16072616712497071fccee0b
- SHA256
  
  bb5a610691b6842eb01e544bd2cdd80184a616c9d618e90a213b0361125f0d19
- SHA512
  
  6141b8b2492d7eb8910e4c9352ec5a7c8ef66aee78ddb75cfead53c525b6d9b68fb97ff7a0dc3c65d2cfa8321f625c8112321b9c7c611172a20360083a91b026
- SSDEEP
  
  24576:GOObVw4TaN1wdFukCba4oXtgLhU3wEdmh584sqjnhMgeiCl7G0nehbGZpbD:GOOh3aN4FuLbegmtGfDmg27RnWGj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2