General

  • Target

    2024-11-14_8b50cde7725caa6b88bacac637f8cf5c_cobalt-strike_ryuk

  • Size

    1.7MB

  • Sample

    241114-n7xnqsyfrd

  • MD5

    8b50cde7725caa6b88bacac637f8cf5c

  • SHA1

    6c867b78c78a8a3932055407b974b15210bc3ecb

  • SHA256

    12b38c08a5cce7a551013aef30554dacc10ca90aaa5ed0519c9f4654006a4d3a

  • SHA512

    47b5913232f9ac08e8840ca1cad71f981a2808a9488f85d7bf34aea2c897a910845adc0fa615a3e87a30768c1535bb5473bea6fbf1b42afb77b49f93de60be16

  • SSDEEP

    24576:J4fE5tzcTDpuJn8NMHcyUQAobb0QvqUCcSkQ/7Gb8NLEbeZ:J4f65cTlG8NMHcn3obb0PtkQ/qoLEw

Malware Config

Targets

    • Target

      2024-11-14_8b50cde7725caa6b88bacac637f8cf5c_cobalt-strike_ryuk

    • Size

      1.7MB

    • MD5

      8b50cde7725caa6b88bacac637f8cf5c

    • SHA1

      6c867b78c78a8a3932055407b974b15210bc3ecb

    • SHA256

      12b38c08a5cce7a551013aef30554dacc10ca90aaa5ed0519c9f4654006a4d3a

    • SHA512

      47b5913232f9ac08e8840ca1cad71f981a2808a9488f85d7bf34aea2c897a910845adc0fa615a3e87a30768c1535bb5473bea6fbf1b42afb77b49f93de60be16

    • SSDEEP

      24576:J4fE5tzcTDpuJn8NMHcyUQAobb0QvqUCcSkQ/7Gb8NLEbeZ:J4f65cTlG8NMHcn3obb0PtkQ/qoLEw

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks