daa45031a6a78976135e0dfffb7cf7428049fc88868528fb8cc5aee9cd3157fc | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-06-27...uk.exe

windows7-x64

7

2024-06-27...uk.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-27_a5fb50cdab000294e4dd5f67f1580c90_ryuk
Size

1.1MB
Sample

240627-lknq7svaph
MD5

a5fb50cdab000294e4dd5f67f1580c90
SHA1

7e8dbea7b44ed3a06ca0484051bb94efd8d5c876
SHA256

daa45031a6a78976135e0dfffb7cf7428049fc88868528fb8cc5aee9cd3157fc
SHA512

5f6035c8256a9554fe92f468dc349211cc5314d98cdf60e531da344d19a1c0a1436aa47e43d2a010188c031c210c188948b0c4b9c24128c5802672e8d4d39aca
SSDEEP

24576:xSi1SoCU5qJSr1eWPSCsP0MugC6eTFIZVGV0UUTsW2DnyyNaK+:xS7PLjeTFIZV+0nsW2Oyz+

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-06-27_a5fb50cdab000294e4dd5f67f1580c90_ryuk.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-06-27_a5fb50cdab000294e4dd5f67f1580c90_ryuk.exe

Resource

win10v2004-20240611-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-06-27_a5fb50cdab000294e4dd5f67f1580c90_ryuk
- Size
  
  1.1MB
- MD5
  
  a5fb50cdab000294e4dd5f67f1580c90
- SHA1
  
  7e8dbea7b44ed3a06ca0484051bb94efd8d5c876
- SHA256
  
  daa45031a6a78976135e0dfffb7cf7428049fc88868528fb8cc5aee9cd3157fc
- SHA512
  
  5f6035c8256a9554fe92f468dc349211cc5314d98cdf60e531da344d19a1c0a1436aa47e43d2a010188c031c210c188948b0c4b9c24128c5802672e8d4d39aca
- SSDEEP
  
  24576:xSi1SoCU5qJSr1eWPSCsP0MugC6eTFIZVGV0UUTsW2DnyyNaK+:xS7PLjeTFIZV+0nsW2Oyz+
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy