67a58021dd5d116dc37d261a1367ee18134fc8288e6ceec478f4b5e9482e6a3a | Triage

Sharing

General

Target

2024-07-22_46c7433731dafa54f02a7b296692dcf5_cobalt-strike_ryuk
Size

1.9MB
Sample

240722-vzk4asycma
MD5

46c7433731dafa54f02a7b296692dcf5
SHA1

39f3b472ef5b31c996cf8b56e00739c911811d78
SHA256

67a58021dd5d116dc37d261a1367ee18134fc8288e6ceec478f4b5e9482e6a3a
SHA512

cdb50683803da3dae25320195cd5cbdee503de346bef14d92240640ae8e3f71ad7c876f7ba0f4effdaf9ac21ebda84b99424770270dc093c1e4aef17bc707661
SSDEEP

24576:+gKuuybyX3q+tb12C/a143IGCL3Satr0zAiX90z/F0jsFB3SQk:+BObyX3q+7D/K4A3SaB0zj0yjoB2

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-07-22_46c7433731dafa54f02a7b296692dcf5_cobalt-strike_ryuk
- Size
  
  1.9MB
- MD5
  
  46c7433731dafa54f02a7b296692dcf5
- SHA1
  
  39f3b472ef5b31c996cf8b56e00739c911811d78
- SHA256
  
  67a58021dd5d116dc37d261a1367ee18134fc8288e6ceec478f4b5e9482e6a3a
- SHA512
  
  cdb50683803da3dae25320195cd5cbdee503de346bef14d92240640ae8e3f71ad7c876f7ba0f4effdaf9ac21ebda84b99424770270dc093c1e4aef17bc707661
- SSDEEP
  
  24576:+gKuuybyX3q+tb12C/a143IGCL3Satr0zAiX90z/F0jsFB3SQk:+BObyX3q+7D/K4A3SaB0zj0yjoB2
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1