General

  • Target

    2024-05-27_0166b4a8e27215a4001c7c04db328533_ryuk

  • Size

    5.5MB

  • Sample

    240527-paebkaba6x

  • MD5

    0166b4a8e27215a4001c7c04db328533

  • SHA1

    f786735b69f3a008bb96ce8dc66a537beb4326b2

  • SHA256

    b1c6191cd2ee1310695d30ce936cca34964308d2d04f6bb8b55a7ab4617a5c65

  • SHA512

    a4db97f824eed0e7f28b4bc5168f6e78a30db221364cf9a7d4ef599ae1d6f15233258a656d6ce2e3e4152dc8a98dd77e241fd0defa11a738158b955c5c300313

  • SSDEEP

    49152:/EFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf3:7AI5pAdVJn9tbnR1VgBVmiB2Yyjl

Score
7/10

Malware Config

Targets

    • Target

      2024-05-27_0166b4a8e27215a4001c7c04db328533_ryuk

    Score
    7/10
    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks