Overview

overview

7

Static

static

3

2024-08-12...uk.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-12_4828d6edd776ad592408cb1d9da50219_cobalt-strike_ryuk

  • Size

    4.6MB

  • Sample

    240812-kcgr9axdma

  • MD5

    4828d6edd776ad592408cb1d9da50219

  • SHA1

    e72742713facfc3a0f491d2f42439ee27c600fb7

  • SHA256

    0590b06a917252f838c63a0f6ddee92d25e46cae09a458c979800b556764b4c5

  • SHA512

    4a1fbfc0c4265dc034ab82a7d6898d0e0acc46d37e696d5b176ab04c5b8516bd2f66efc223826460340fa0fc26567a0ab15392b4fdb56ec4b5eccc17f8016fe2

  • SSDEEP

    49152:hndPjazwYcCOlBWD9rqGZi0iIGTHI6DOnIIeNxu6xl1aZt6m5xbzDI6bpsRJrAGT:92D8siFIIm3Gob5iEpB2Yyjl

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      2024-08-12_4828d6edd776ad592408cb1d9da50219_cobalt-strike_ryuk

    • Size

      4.6MB

    • MD5

      4828d6edd776ad592408cb1d9da50219

    • SHA1

      e72742713facfc3a0f491d2f42439ee27c600fb7

    • SHA256

      0590b06a917252f838c63a0f6ddee92d25e46cae09a458c979800b556764b4c5

    • SHA512

      4a1fbfc0c4265dc034ab82a7d6898d0e0acc46d37e696d5b176ab04c5b8516bd2f66efc223826460340fa0fc26567a0ab15392b4fdb56ec4b5eccc17f8016fe2

    • SSDEEP

      49152:hndPjazwYcCOlBWD9rqGZi0iIGTHI6DOnIIeNxu6xl1aZt6m5xbzDI6bpsRJrAGT:92D8siFIIm3Gob5iEpB2Yyjl

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks