3b1106e1a27e6e904916812fb6f13753f492a5ee37ff09fde731b5d3205c4c48 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2024-07-10...uk.exe

windows7-x64

1

2024-07-10...uk.exe

windows10-2004-x64

7

Sharing

General

Target

2024-07-10_210504c46fecb8d6d1787943b4130f33_ryuk
Size

1.7MB
Sample

240710-wet15s1ejj
MD5

210504c46fecb8d6d1787943b4130f33
SHA1

6ccd0fab1c9f7d324d2c62293557cf73e99a70b1
SHA256

3b1106e1a27e6e904916812fb6f13753f492a5ee37ff09fde731b5d3205c4c48
SHA512

1ccee6194ca753f3b5fd5d9d74de18b188dc1a3d0c7a14b49e86038ce989ddb30db165670da0a6bb858ff9db8fd6fb3cf537961d400b1de9b8a82aca6caa65bb
SSDEEP

24576:16V6fC/AyqGizWCaFbyj2OCWnpgA2Q3bMH2e:16cVGizWCaFbCCWnOA2x7

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-07-10_210504c46fecb8d6d1787943b4130f33_ryuk.exe

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-07-10_210504c46fecb8d6d1787943b4130f33_ryuk.exe

Resource

win10v2004-20240709-en

spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-07-10_210504c46fecb8d6d1787943b4130f33_ryuk
- Size
  
  1.7MB
- MD5
  
  210504c46fecb8d6d1787943b4130f33
- SHA1
  
  6ccd0fab1c9f7d324d2c62293557cf73e99a70b1
- SHA256
  
  3b1106e1a27e6e904916812fb6f13753f492a5ee37ff09fde731b5d3205c4c48
- SHA512
  
  1ccee6194ca753f3b5fd5d9d74de18b188dc1a3d0c7a14b49e86038ce989ddb30db165670da0a6bb858ff9db8fd6fb3cf537961d400b1de9b8a82aca6caa65bb
- SSDEEP
  
  24576:16V6fC/AyqGizWCaFbyj2OCWnpgA2Q3bMH2e:16cVGizWCaFbCCWnOA2x7
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy