bdd04b267037a37ff544be2eff5a22be2039325ca345c5a6bd365bdb0dfe4de8 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-06-01...uk.exe

windows10-2004-x64

7

Sharing

General

Target

2024-06-01_b2a6cfbb711d17cb577501acd0e695de_ryuk
Size

4.6MB
Sample

240601-ws9zhsaf2y
MD5

b2a6cfbb711d17cb577501acd0e695de
SHA1

3df99abad7b29aa8ee5c3fbdc6bed1af02b5fd09
SHA256

bdd04b267037a37ff544be2eff5a22be2039325ca345c5a6bd365bdb0dfe4de8
SHA512

9899cc784de0592bc8d5455090150c2a318025f5f70c1b32b52f132385cc31b3f5a5217391b39a1779e6e2b124ed2c3bd2513acba76a2cd76721b87bedf07754
SSDEEP

49152:RndPjazwYcCOlBWD9rqGZi0iIGTHI6DOnIIeNxu6xl1aZt6m5xbzDI6bpsRJrAGV:t2D8siFIIm3Gob5iEIUyuFC4Qmd1

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-01_b2a6cfbb711d17cb577501acd0e695de_ryuk.exe

Resource

win10v2004-20240426-en

spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-01_b2a6cfbb711d17cb577501acd0e695de_ryuk
- Size
  
  4.6MB
- MD5
  
  b2a6cfbb711d17cb577501acd0e695de
- SHA1
  
  3df99abad7b29aa8ee5c3fbdc6bed1af02b5fd09
- SHA256
  
  bdd04b267037a37ff544be2eff5a22be2039325ca345c5a6bd365bdb0dfe4de8
- SHA512
  
  9899cc784de0592bc8d5455090150c2a318025f5f70c1b32b52f132385cc31b3f5a5217391b39a1779e6e2b124ed2c3bd2513acba76a2cd76721b87bedf07754
- SSDEEP
  
  49152:RndPjazwYcCOlBWD9rqGZi0iIGTHI6DOnIIeNxu6xl1aZt6m5xbzDI6bpsRJrAGV:t2D8siFIIm3Gob5iEIUyuFC4Qmd1
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy