General

  • Target

    2024-06-06_daddfbae1ad15f0ebe8c05cf864ff31a_ryuk

  • Size

    10.5MB

  • Sample

    240606-zddvbacg73

  • MD5

    daddfbae1ad15f0ebe8c05cf864ff31a

  • SHA1

    da796b17ef99fcbf7886935f26d024ea416efbab

  • SHA256

    c1a9adc2fa5605ea6455529090f6aac2df2fc951e9fb48aaa7a3c0bc99c32185

  • SHA512

    94cb20650bd76bb44d23bcc854b964815d6c7dcccfc4927ebba959993d7816848fe9b0a86b6685edc2b28abb93a5d46968b2ed1488cd62f8bd301295876d3df5

  • SSDEEP

    196608:ZUmD1gjuWJysVYvsO5mDIEVFKgd7pQDw748RmU/3ZlsPvOoXnX+h8CgCat69/0aY:GmeyWJOmDIEBd7pQDGtN3ZWDXXgat650

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
