ea872c3ffef9cf9b1c7957381a51f0ba7ac225c241b1f5cc591e751034e45a7a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-09_cb22d5b5dc6c56248ed66a4c26caa062_cobalt-strike_ryuk
Size

4.4MB
Sample

240909-zl9xqayhqr
MD5

cb22d5b5dc6c56248ed66a4c26caa062
SHA1

b0ba7b603f770723f3cd8505b05c1d4931a43973
SHA256

ea872c3ffef9cf9b1c7957381a51f0ba7ac225c241b1f5cc591e751034e45a7a
SHA512

1b384d9a30495e7b8c246e558364cd3acb20b4c58c0e3efaed2feb4d68a585dc8de5eca48a28404dcb933c95595e3c5072ac72a7b8339a98553037014c60b9e8
SSDEEP

49152:mKqJRj142cZbJeGG+vLnxnc4SuKBb7onnUCGHQP56zmDF2XtcgvBpdvvHK+CZ2uw:Icc4HKyUrB+6Bpd

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2024-09-09_cb22d5b5dc6c56248ed66a4c26caa062_cobalt-strike_ryuk
- Size
  
  4.4MB
- MD5
  
  cb22d5b5dc6c56248ed66a4c26caa062
- SHA1
  
  b0ba7b603f770723f3cd8505b05c1d4931a43973
- SHA256
  
  ea872c3ffef9cf9b1c7957381a51f0ba7ac225c241b1f5cc591e751034e45a7a
- SHA512
  
  1b384d9a30495e7b8c246e558364cd3acb20b4c58c0e3efaed2feb4d68a585dc8de5eca48a28404dcb933c95595e3c5072ac72a7b8339a98553037014c60b9e8
- SSDEEP
  
  49152:mKqJRj142cZbJeGG+vLnxnc4SuKBb7onnUCGHQP56zmDF2XtcgvBpdvvHK+CZ2uw:Icc4HKyUrB+6Bpd
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1