bbd895f58d140f56d3117dc6ffad30ca35e3c2a3ca7cd3e4c9a0b62324bfff80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-07_0cfb70b3fc4c4952ce3b0937baa8242a_ryuk
Size

17.0MB
Sample

240607-a62z6sef7x
MD5

0cfb70b3fc4c4952ce3b0937baa8242a
SHA1

00d6cf381b85b63fe42534a0a4b8a3768cdb9a5e
SHA256

bbd895f58d140f56d3117dc6ffad30ca35e3c2a3ca7cd3e4c9a0b62324bfff80
SHA512

9869ad4f4f8b60126e4c4533f352ba8537c1353a0e14d83efb72df28341a85c4672a143424f3edc57ee5ba8ef8facbe9c0ac840b88ca4be23cd1ba39b42c5b58
SSDEEP

393216:SMaHK8Pj9c5hlER35ShR4uw3AdZYyKLI0RtN3ZWarz4ENd8Oxr4Z+DS:EqgJEhkpQ27AdZKc+tN3DpNJ3

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  2024-06-07_0cfb70b3fc4c4952ce3b0937baa8242a_ryuk
- Size
  
  17.0MB
- MD5
  
  0cfb70b3fc4c4952ce3b0937baa8242a
- SHA1
  
  00d6cf381b85b63fe42534a0a4b8a3768cdb9a5e
- SHA256
  
  bbd895f58d140f56d3117dc6ffad30ca35e3c2a3ca7cd3e4c9a0b62324bfff80
- SHA512
  
  9869ad4f4f8b60126e4c4533f352ba8537c1353a0e14d83efb72df28341a85c4672a143424f3edc57ee5ba8ef8facbe9c0ac840b88ca4be23cd1ba39b42c5b58
- SSDEEP
  
  393216:SMaHK8Pj9c5hlER35ShR4uw3AdZYyKLI0RtN3ZWarz4ENd8Oxr4Z+DS:EqgJEhkpQ27AdZKc+tN3DpNJ3
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2