cdbadf8d5974c16249c2fe0a23b5794f49c04eb9c5817f075d5eceb1a9d3537d | Triage

Sharing

General

Target

2024-06-25_4d33194f16e0135f416095e58cbb5df0_ryuk
Size

2.2MB
Sample

240625-g7gh7axgnn
MD5

4d33194f16e0135f416095e58cbb5df0
SHA1

b4461095703c874bc090d7e85275996f282754b8
SHA256

cdbadf8d5974c16249c2fe0a23b5794f49c04eb9c5817f075d5eceb1a9d3537d
SHA512

0defbfcb841e7cf682851a32fdff6d9792a796f3ab936b0ab71399efbb4f74fa472c9df1f093354cd231f4bfacd3251d97bd3c75a62f037960926261eda7093e
SSDEEP

49152:tOOh3aN4kuLbegmtGlCks7R9L58UqFJjskU:NU4ku/ctUC17DVqFJU

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-06-25_4d33194f16e0135f416095e58cbb5df0_ryuk
- Size
  
  2.2MB
- MD5
  
  4d33194f16e0135f416095e58cbb5df0
- SHA1
  
  b4461095703c874bc090d7e85275996f282754b8
- SHA256
  
  cdbadf8d5974c16249c2fe0a23b5794f49c04eb9c5817f075d5eceb1a9d3537d
- SHA512
  
  0defbfcb841e7cf682851a32fdff6d9792a796f3ab936b0ab71399efbb4f74fa472c9df1f093354cd231f4bfacd3251d97bd3c75a62f037960926261eda7093e
- SSDEEP
  
  49152:tOOh3aN4kuLbegmtGlCks7R9L58UqFJjskU:NU4ku/ctUC17DVqFJU
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2