General

  • Target

    2024-10-26_52b8c8974c311c0c53b500e7ecfdc31d_ryuk

  • Size

    1.1MB

  • Sample

    241026-c7zbsawngz

  • MD5

    52b8c8974c311c0c53b500e7ecfdc31d

  • SHA1

    8dceec71ef7382230db7a9c843663f96e89eea5c

  • SHA256

    9f859652abd25d21500e116e2bcba561eb0ce507ae1307e500db3526ef408f24

  • SHA512

    b878a8ec268c677c3229222238aa6182ff986c24e121f9059616c1188c17c3a11ef88ff3343b4f3298dc958c45471e61826f45628f2c6d61695c659bd7e2a8f1

  • SSDEEP

    24576:ASi1SoCU5qJSr1eWPSCsP0MugC6eToVg9N9JMlDlfjRiVuVsWt5MJMsY:wS7PLjeT4gFIDRRAubt5M

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks