0941951b140d006a71fb2c50219f66119341dbf9352b58b39fd30815153a9295 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-10_930df551acf3c024d52fd7cb892dc6da_ryuk
Size

1.9MB
Sample

240710-mm3htavdqe
MD5

930df551acf3c024d52fd7cb892dc6da
SHA1

ded4786a5af4ed9230d5eadf51a77dbac85c4000
SHA256

0941951b140d006a71fb2c50219f66119341dbf9352b58b39fd30815153a9295
SHA512

041f3e7c305904dda245baf6352ef6e67aa14fad959fbb98a12955762e23d7e4c95bdacd5c02f190a2d865ffbf1164707badf79ddf975115fa2d4975d2c79def
SSDEEP

24576:W78r8FfC3F32nUnCdAaKu++nO2Hofe3y1sInB2COzRq8DvFqt:W/fQF37CGaPhP4suIRbDv

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-07-10_930df551acf3c024d52fd7cb892dc6da_ryuk
- Size
  
  1.9MB
- MD5
  
  930df551acf3c024d52fd7cb892dc6da
- SHA1
  
  ded4786a5af4ed9230d5eadf51a77dbac85c4000
- SHA256
  
  0941951b140d006a71fb2c50219f66119341dbf9352b58b39fd30815153a9295
- SHA512
  
  041f3e7c305904dda245baf6352ef6e67aa14fad959fbb98a12955762e23d7e4c95bdacd5c02f190a2d865ffbf1164707badf79ddf975115fa2d4975d2c79def
- SSDEEP
  
  24576:W78r8FfC3F32nUnCdAaKu++nO2Hofe3y1sInB2COzRq8DvFqt:W/fQF37CGaPhP4suIRbDv
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1