General

  • Target

    2024-06-07_9ca07e4d4ca32330c9506a00f8a05a10_ryuk

  • Size

    11.7MB

  • Sample

    240607-b81qkaff6w

  • MD5

    9ca07e4d4ca32330c9506a00f8a05a10

  • SHA1

    300600c0b1fa327265cf2c8df19e2815f6be8721

  • SHA256

    ab78dae929eb6710eec101a16facce93a12fa659749927464aaf4afb17fb0cfc

  • SHA512

    6a2864c3059c07e16e9b5a899894113d11d8fd5178995c015ae9b109e5c68d1e6dd552dbb79b4eb1af88e1716a1d93d3376548591bc8d331a6bee64ae56e7ab8

  • SSDEEP

    196608:v3lAG6ZOjgp1Dvn/RNrlHAjoG+IE9onJ5hrZERv/Q3jo4UZFolf7+/I5K2+co1mN:/lCLpN/ZxlHOFE9c5hlERv/A2ZkSgK2s

Malware Config

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks