4adaeb26c829e74d17d5c785e6a32ba4f5c4a9f0fbe9ec90910de47eb34d5ab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-09_7d0241721ba67b822779d9f71c58ce24_ryuk
Size

2.2MB
Sample

240709-sc6elsyhpr
MD5

7d0241721ba67b822779d9f71c58ce24
SHA1

f5399d4792d61aae5c51f7466a31077ac28eae60
SHA256

4adaeb26c829e74d17d5c785e6a32ba4f5c4a9f0fbe9ec90910de47eb34d5ab9
SHA512

da870c0f759ad7c1632ec16cbec61d0ab9a674ce7bb38702be0b0ba017dbde27d1d5c1cf543c6bc374fb4739abe61e2f6e90eddc4f440f9288d055808457cb18
SSDEEP

24576:ROObVw4TaN1wdFukCba4oXtgLhU3wEdmh58lsqjnhMgeiCl7G0nehbGZpbD:ROOh3aN4FuLbegmtGCDmg27RnWGj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-07-09_7d0241721ba67b822779d9f71c58ce24_ryuk
- Size
  
  2.2MB
- MD5
  
  7d0241721ba67b822779d9f71c58ce24
- SHA1
  
  f5399d4792d61aae5c51f7466a31077ac28eae60
- SHA256
  
  4adaeb26c829e74d17d5c785e6a32ba4f5c4a9f0fbe9ec90910de47eb34d5ab9
- SHA512
  
  da870c0f759ad7c1632ec16cbec61d0ab9a674ce7bb38702be0b0ba017dbde27d1d5c1cf543c6bc374fb4739abe61e2f6e90eddc4f440f9288d055808457cb18
- SSDEEP
  
  24576:ROObVw4TaN1wdFukCba4oXtgLhU3wEdmh58lsqjnhMgeiCl7G0nehbGZpbD:ROOh3aN4FuLbegmtGCDmg27RnWGj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2