c7ce94c9591b28f62b2a4fddf7381698ea80511ef756de8b9fe12e7dc8a1a00c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-06_5ca1672ecd60c211b76428c574e07c27_ryuk
Size

1.9MB
Sample

240606-w2h76aba23
MD5

5ca1672ecd60c211b76428c574e07c27
SHA1

f9919bd92709dde8ef7979ec6eca2499ce990863
SHA256

c7ce94c9591b28f62b2a4fddf7381698ea80511ef756de8b9fe12e7dc8a1a00c
SHA512

a5f2b2bb9d72df621ca71a004887110d7a9de4092b883f9c935f918511a9ea5851913d99ce88b5e42a19f7fca462dfb40d0886a2228e1b77577d63f47f72c6cd
SSDEEP

24576:/78r8FfC3F32nUnCdAaKu++nOHOKVz0+zG4IB1/j3ZOkPO://fQF37CGaPKzzNG4QjJOL

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-06-06_5ca1672ecd60c211b76428c574e07c27_ryuk
- Size
  
  1.9MB
- MD5
  
  5ca1672ecd60c211b76428c574e07c27
- SHA1
  
  f9919bd92709dde8ef7979ec6eca2499ce990863
- SHA256
  
  c7ce94c9591b28f62b2a4fddf7381698ea80511ef756de8b9fe12e7dc8a1a00c
- SHA512
  
  a5f2b2bb9d72df621ca71a004887110d7a9de4092b883f9c935f918511a9ea5851913d99ce88b5e42a19f7fca462dfb40d0886a2228e1b77577d63f47f72c6cd
- SSDEEP
  
  24576:/78r8FfC3F32nUnCdAaKu++nOHOKVz0+zG4IB1/j3ZOkPO://fQF37CGaPKzzNG4QjJOL
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1