General

  • Target

    2024-11-08_8f0ac873b733bb1c5ea6063057e119e0_ryuk

  • Size

    1.1MB

  • Sample

    241108-3pegrsselj

  • MD5

    8f0ac873b733bb1c5ea6063057e119e0

  • SHA1

    f9b42abb789fc037dadfe7fd625387e01e9b0551

  • SHA256

    4346f49454355a7e1f79546d8aaeaf05bf3c3c465940ce52116a9ac3eb9f1760

  • SHA512

    5fd97d273aa874ccbaf89e07faa6a6c3bff1f376118302e9373967eac796e2cba577aad1c9ef2ab6ef7caeea32c65e9a12194af728a743962cb13d2829f71da1

  • SSDEEP

    24576:qSi1SoCU5qJSr1eWPSCsP0MugC6eTbSkQ/7Gb8NLEbeZ:SS7PLjeTmkQ/qoLEw

Malware Config

Targets

    • Target

      2024-11-08_8f0ac873b733bb1c5ea6063057e119e0_ryuk

    • Size

      1.1MB

    • MD5

      8f0ac873b733bb1c5ea6063057e119e0

    • SHA1

      f9b42abb789fc037dadfe7fd625387e01e9b0551

    • SHA256

      4346f49454355a7e1f79546d8aaeaf05bf3c3c465940ce52116a9ac3eb9f1760

    • SHA512

      5fd97d273aa874ccbaf89e07faa6a6c3bff1f376118302e9373967eac796e2cba577aad1c9ef2ab6ef7caeea32c65e9a12194af728a743962cb13d2829f71da1

    • SSDEEP

      24576:qSi1SoCU5qJSr1eWPSCsP0MugC6eTbSkQ/7Gb8NLEbeZ:SS7PLjeTmkQ/qoLEw

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks