General

  • Target

    2024-06-01_76e9faf3f7c8d601c3672163b8d1f690_ryuk

  • Size

    5.5MB

  • Sample

    240601-hc6p9sdf35

  • MD5

    76e9faf3f7c8d601c3672163b8d1f690

  • SHA1

    d3c1e286fdbb992dcf8d8a842d9a471f17e6dedb

  • SHA256

    15d79c2239270e32f0afcb0a9e96912ce8f6d713e190f7c19a1548555b408830

  • SHA512

    c00a74840fd6b794a60bb4054a12bb77c22d50931aca2faa65c8016e04099eda4c8e6a57e9cbb2fc1a502afc4ddbc678dcfa2968d3aa8f80ef9fde1d3405f9d3

  • SSDEEP

    49152:iEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf7:oAI5pAdVJn9tbnR1VgBVm81Ms

Score
9/10

Targets

    • Target

      2024-06-01_76e9faf3f7c8d601c3672163b8d1f690_ryuk

    • Detects executables containing base64-encoded gzip files

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Drops file in System32 directory
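The first signature above is a static check, not a behaviour: the sandbox flags an executable that carries a gzip stream as base64 text, a common way to smuggle a second-stage payload past naive string scanners. The Python below is an added example written for this page, not the sandbox's own rule and not code from the sample; it shows how such a check is built so it does not fire on ordinary long base64 strings. It finds long base64 runs, tries all three decode alignments (the run may have swallowed alphabet-looking bytes before the real blob), checks the gzip magic and reserved flag bits, and confirms by trial inflation. The "executable" it scans is a constructed byte buffer, not this sample.

```python
"""Locate base64-encoded gzip streams embedded in an executable (added example)."""
import base64
import gzip
import re
import zlib

GZIP_MAGIC = b"\x1f\x8b\x08"          # ID1, ID2, CM = deflate
# 64 base64 chars decode to 48 bytes; shorter runs are noise (paths, GUIDs, keys).
_B64_RUN = re.compile(rb"[A-Za-z0-9+/]{64,}={0,2}")


def _inflate(stream: bytes):
    """Inflate a possibly truncated gzip stream; returns (data, complete)."""
    d = zlib.decompressobj(wbits=31)   # 16 + 15: gzip wrapper, max window
    try:
        out = d.decompress(stream)
    except zlib.error:
        return None, False
    return out, d.eof


def find_base64_gzip(data: bytes):
    """Return one dict per base64 run in `data` that decodes to a gzip stream."""
    hits = []
    for m in _B64_RUN.finditer(data):
        run = m.group(0)
        # The regex may have swallowed alphabet-looking bytes in front of the
        # real blob, so the decode alignment is unknown: try all three phases.
        for phase in range(3):
            cand = run[phase:]
            cand = cand[: len(cand) - len(cand) % 4]   # b64decode wants 4-char groups
            if len(cand) < 8:
                continue
            try:
                decoded = base64.b64decode(cand, validate=True)
            except ValueError:        # bad alphabet or padding in this phase
                continue
            idx = decoded.find(GZIP_MAGIC)
            if idx < 0 or len(decoded) < idx + 10:      # need the full 10-byte header
                continue
            if decoded[idx + 3] & 0xE0:                 # reserved FLG bits must be zero
                continue
            inflated, complete = _inflate(decoded[idx:])
            if inflated is None:
                continue
            hits.append({
                "offset": m.start() + phase,   # where the base64 text begins in `data`
                "encoded_len": len(cand),
                "complete": complete,          # False if the stream is truncated
                "inflated_len": len(inflated),
                "preview": inflated[:16],
            })
            break                              # one report per run
    return hits


def build_sample():
    """Constructed stand-in for a packed executable: a PE-like payload, gzip-compressed
    and base64-encoded, embedded among binary filler and a decoy base64 string that is
    NOT gzip. Returns (data, offset_of_the_real_blob)."""
    inner = b"MZ" + bytes(range(256)) * 2 + b"This program cannot be run in DOS mode.\r\n"
    blob = base64.b64encode(gzip.compress(inner, mtime=0))
    decoy = base64.b64encode(b"A" * 120)          # long base64, plain text underneath
    # "xy" in front of the blob forces the alignment search to do real work.
    data = b"MZ\x90\x00" + b"\x00" * 64 + decoy + b"\x00" * 16 + b"xy" + blob + b"\x00" * 64
    return data, data.find(blob)


if __name__ == "__main__":
    sample, _ = build_sample()
    for hit in find_base64_gzip(sample):
        print(hit)
```

The decoy string is the point of the header-plus-inflation check: a rule that only looked for long base64 runs, or only for the `H4sI` prefix that `1f 8b 08` produces at alignment zero, would either over-report or miss blobs that do not start on a 3-byte boundary.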

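The "Reads user/profile data of web browsers" signature names a behaviour without naming the files, which is what a responder needs to turn it into host telemetry. The Python below is an added example for this page, not part of the sandbox output or of the sample: it classifies file-access events by whether the target is a browser credential, cookie or key store and whether the reader is the browser itself. The store filenames (Chromium `Login Data`, `Cookies`, `Web Data`, `Local State`; Firefox `logins.json`, `key4.db`, `cookies.sqlite`) are the real ones; the event records, user name and process names are constructed.

```python
"""Flag non-browser processes reading browser credential stores (added example)."""
from dataclasses import dataclass
import ntpath  # parse Windows paths correctly on any host OS

# Chromium-family profile files: saved logins, cookies, autofill; "Local State"
# holds the DPAPI-protected key that decrypts the password database.
CHROMIUM_STORES = {"login data", "cookies", "web data", "local state"}
# Firefox: saved logins, the key database that decrypts them, and cookies.
FIREFOX_STORES = {"logins.json", "key4.db", "cookies.sqlite"}

CHROMIUM_PROFILE_MARKERS = (
    "\\google\\chrome\\user data\\",
    "\\microsoft\\edge\\user data\\",
    "\\bravesoftware\\brave-browser\\user data\\",
)
FIREFOX_PROFILE_MARKER = "\\mozilla\\firefox\\profiles\\"

# Browsers are expected to read their own stores; anything else is not.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "brave.exe", "firefox.exe"}


@dataclass
class FileAccess:
    image: str    # full path of the process image that performed the read
    target: str   # full path of the file that was read


def is_browser_store(path: str) -> bool:
    """True if `path` is a credential/cookie/key store inside a browser profile."""
    p = path.lower()
    name = ntpath.basename(p)
    if any(marker in p for marker in CHROMIUM_PROFILE_MARKERS):
        return name in CHROMIUM_STORES
    if FIREFOX_PROFILE_MARKER in p:
        return name in FIREFOX_STORES
    return False


def suspicious_reads(events):
    """Return the events where a non-browser process reads a browser store."""
    flagged = []
    for ev in events:
        if not is_browser_store(ev.target):
            continue
        if ntpath.basename(ev.image.lower()) in BROWSER_IMAGES:
            continue   # the browser touching its own profile is normal
        flagged.append(ev)
    return flagged


# Constructed events in the shape of a Sysmon-style file-read log.
_CHROME = r"C:\Users\alice\AppData\Local\Google\Chrome\User Data"
_FIREFOX = r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\k3x1.default-release"
_DROPPED = r"C:\Users\alice\AppData\Local\Temp\update.exe"   # constructed name
SAMPLE_EVENTS = [
    FileAccess(r"C:\Program Files\Google\Chrome\Application\chrome.exe",
               _CHROME + r"\Default\Login Data"),           # browser: expected
    FileAccess(_DROPPED, _CHROME + r"\Default\Login Data"),   # flagged
    FileAccess(_DROPPED, _CHROME + r"\Local State"),          # flagged: key material
    FileAccess(_DROPPED, _FIREFOX + r"\logins.json"),         # flagged
    FileAccess(_DROPPED, r"C:\Users\alice\Documents\notes.txt"),   # not a store
    FileAccess(r"C:\Windows\explorer.exe",
               _CHROME + r"\Default\Bookmarks"),              # profile, but not a store
]


if __name__ == "__main__":
    for ev in suspicious_reads(SAMPLE_EVENTS):
        print(f"{ev.image} -> {ev.target}")
```

Reading `Local State` alongside `Login Data` is the tell: the password database is useless without the key kept there, so a stealer needs both, whereas a backup agent or indexer rarely pairs them.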