General

  • Target

    2024-06-08_c03170dfe4ce90d7d9b9001a3f60e006_ryuk

  • Size

    5.5MB

  • Sample

    240608-yewabaga65

  • MD5

    c03170dfe4ce90d7d9b9001a3f60e006

  • SHA1

    2a7fabe46f7ebe4a2f3e5a7600f5e1af144ab46a

  • SHA256

    4a2fc91dd28474b234e9a0b9d92fb0ba8a0b20a43f343d689344f81fff62e96d

  • SHA512

    de538fb33df826d05d0cf9f844b22cc9909296de113e6e5a74fe64f9c6237862632ea3f8b739fa0ed30ebc5cd0075e4942f68f57ac31ea98bb48dc9f063263f2

  • SSDEEP

    49152:lEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfn:5AI5pAdVJn9tbnR1VgBVmg8

Score
9/10

Targets

    • Detects executables containing base64 encoded gzip files

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
