42e064a03b514482686bea7bc83363fa5c69b6458b475eebdfda57b7159dcec6 | Triage

Sharing

General

Target

2024-08-23_d38ea6eaad9197dffa5252b66249a707_cobalt-strike_hijackloader_ryuk
Size

3.6MB
Sample

240823-1et4csxhnb
MD5

d38ea6eaad9197dffa5252b66249a707
SHA1

209667d2d8e7ba24f0bac99a528a6d5c2ec75097
SHA256

42e064a03b514482686bea7bc83363fa5c69b6458b475eebdfda57b7159dcec6
SHA512

f355aba8435fd766b18af7fbd2f77dc4d474ad395a7bad427ed7d63e417d64cf2cd39bfb588303b1b08fa730c4bfff3b654a99a69e75b9e5d88c5a4f4b88f949
SSDEEP

49152:7WRqwwZBbklQCzHswt2Eo0Gl6zanvVD9ctavPDe1uV:h/DQHp0Eo0MGjU

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-08-23_d38ea6eaad9197dffa5252b66249a707_cobalt-strike_hijackloader_ryuk
- Size
  
  3.6MB
- MD5
  
  d38ea6eaad9197dffa5252b66249a707
- SHA1
  
  209667d2d8e7ba24f0bac99a528a6d5c2ec75097
- SHA256
  
  42e064a03b514482686bea7bc83363fa5c69b6458b475eebdfda57b7159dcec6
- SHA512
  
  f355aba8435fd766b18af7fbd2f77dc4d474ad395a7bad427ed7d63e417d64cf2cd39bfb588303b1b08fa730c4bfff3b654a99a69e75b9e5d88c5a4f4b88f949
- SSDEEP
  
  49152:7WRqwwZBbklQCzHswt2Eo0Gl6zanvVD9ctavPDe1uV:h/DQHp0Eo0MGjU
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1