c84773b302f5a2cf7fa6874d6a39bee5490d159013bff3f0070f5eb9d17eaf76 | Triage

Sharing

General

Target

2024-06-08_b5c98846455cb5ec5acd7513e7a3a155_ryuk
Size

2.2MB
Sample

240608-fff8nshb8s
MD5

b5c98846455cb5ec5acd7513e7a3a155
SHA1

98a3b5f616304f28e80815e9a067a9145a4fbf93
SHA256

c84773b302f5a2cf7fa6874d6a39bee5490d159013bff3f0070f5eb9d17eaf76
SHA512

e7c107c8703495627b1055d8409f328a749a37f64bd2322f50bfe6ec9333ab33e156bbb3b1b33ed471d434fed5b7d4239c18ccdb56d7a22fae0d25ed2535f02b
SSDEEP

24576:sOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58Pt/sBlDqgZQd6XKtiMJYiPU:sOOh3aN4kuLbegmtGi/snji6attJM

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-06-08_b5c98846455cb5ec5acd7513e7a3a155_ryuk
- Size
  
  2.2MB
- MD5
  
  b5c98846455cb5ec5acd7513e7a3a155
- SHA1
  
  98a3b5f616304f28e80815e9a067a9145a4fbf93
- SHA256
  
  c84773b302f5a2cf7fa6874d6a39bee5490d159013bff3f0070f5eb9d17eaf76
- SHA512
  
  e7c107c8703495627b1055d8409f328a749a37f64bd2322f50bfe6ec9333ab33e156bbb3b1b33ed471d434fed5b7d4239c18ccdb56d7a22fae0d25ed2535f02b
- SSDEEP
  
  24576:sOObVw4TaN1wdkukCba4oXtgLhU3wEdmh58Pt/sBlDqgZQd6XKtiMJYiPU:sOOh3aN4kuLbegmtGi/snji6attJM
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2