General

  • Target

    2024-11-08_e9700cd8979ce3856caaa33daabb77f3_ryuk

  • Size

    2.8MB

  • Sample

    241108-qa111asgmf

  • MD5

    e9700cd8979ce3856caaa33daabb77f3

  • SHA1

    50b30d76f77940dc3b329fcd83af6e4922798475

  • SHA256

    1e7909ba98a00409ba16c308c5792660043453f431214b6df8a14d5ca345ce99

  • SHA512

    22223f16e78d4d9dd38d45203a2ecfff2864630aad2eccf81ee8a6aa1c7f9400f7aed01b18a59e51920226899300e33055f97074ff55b7ebe38cc2044b537d8f

  • SSDEEP

    49152:iQ2GkXOaeIKYMbmluSWlIccm4/WWu6BRFctXnhW3/59N0zNDNui0hBdH319JE3jZ:R2GH6mD08WV0tNuTBpFnE3Xc

Targets

    • Target

      2024-11-08_e9700cd8979ce3856caaa33daabb77f3_ryuk

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory
