General

  • Target

    2024-06-03_d3e343ce973d1c7ec99c5c59ea5f1f52_ryuk

  • Size

    2.7MB

  • Sample

    240603-jmp1yahf62

  • MD5

    d3e343ce973d1c7ec99c5c59ea5f1f52

  • SHA1

    d7d262be600e38f48e149f7fbfb3eaabbbfd4fd2

  • SHA256

    3b0d9a46b08a1ce99dccfc84172547f1d117fe39668b4270568b0a0e5e2ae79f

  • SHA512

    505265cd7b4d0445155527708e380ea997cd983c7aae1aa63da5fcfea7fae44a631b32369233fd5d99ec70588305b1a591ee4cef3dd4e9d6a46d4e659b217da6

  • SSDEEP

    49152:G2IoCBtJnxlyU/mWhRcQYhie6/UIdjjQbctXnFDu3nAzNjteyUHBdH3yMkQ/qoL9:RrCBrtcy/lflD0nANte9BpCcqo4w

Targets

    • Target

      2024-06-03_d3e343ce973d1c7ec99c5c59ea5f1f52_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
