8373b546e0befdd0b165c4f095522f2603006a338d7e3e9e061b68cb3bd05ff3 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-06-06...uk.exe

windows7-x64

1

2024-06-06...uk.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-06_33bb1bee1732d04433d402e48fc4de0d_ryuk
Size

5.5MB
Sample

240606-wpdf5shf3w
MD5

33bb1bee1732d04433d402e48fc4de0d
SHA1

77a3579ed56f3364935c4fb0d6c5d6103d913a81
SHA256

8373b546e0befdd0b165c4f095522f2603006a338d7e3e9e061b68cb3bd05ff3
SHA512

3d5417ce35c65240e3c21601e7bfbc20d94f7fd2eeb90a6bb70f594fa6b3eea82047e65a0555045ca170e65901704a417cabaa07ab701114f129d6e0fbd2640e
SSDEEP

49152:lEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf2:5AI5pAdVJn9tbnR1VgBVmwlI7K2mF9

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-06_33bb1bee1732d04433d402e48fc4de0d_ryuk.exe

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-06_33bb1bee1732d04433d402e48fc4de0d_ryuk.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-06_33bb1bee1732d04433d402e48fc4de0d_ryuk
- Size
  
  5.5MB
- MD5
  
  33bb1bee1732d04433d402e48fc4de0d
- SHA1
  
  77a3579ed56f3364935c4fb0d6c5d6103d913a81
- SHA256
  
  8373b546e0befdd0b165c4f095522f2603006a338d7e3e9e061b68cb3bd05ff3
- SHA512
  
  3d5417ce35c65240e3c21601e7bfbc20d94f7fd2eeb90a6bb70f594fa6b3eea82047e65a0555045ca170e65901704a417cabaa07ab701114f129d6e0fbd2640e
- SSDEEP
  
  49152:lEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf2:5AI5pAdVJn9tbnR1VgBVmwlI7K2mF9
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy