General

  • Target

    2024-06-08_c2a5a273ec2ac1439ee689858e7b010c_ryuk

  • Size

    5.5MB

  • Sample

    240608-n2n5eabd5z

  • MD5

    c2a5a273ec2ac1439ee689858e7b010c

  • SHA1

    8aeb54bb3b8bd0f0218eeca47db27b0b3ce8c628

  • SHA256

    aa5375e268f2cff72e2e57273ef81cd3f656dcc253c1c1887cdde2a6592a496c

  • SHA512

    67c19c0b58c073169ed3d2865f95f9558eb23396766f845b3fbeacb86224413cacf19823152ae030c8f6def525e2748beef0d2a272bb67eb61689f3fe8dc25f3

  • SSDEEP

    49152:iEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfg:oAI5pAdVJn9tbnR1VgBVm2qo4w

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks