General

  • Target

    2024-11-14_e9c5fb7a0f509024b902824d6527c546_ryuk

  • Size

    1.6MB

  • Sample

    241114-nrzs6ayfml

  • MD5

    e9c5fb7a0f509024b902824d6527c546

  • SHA1

    c06591ae124229d9cd25c6d74b2e735477f463ab

  • SHA256

    c78b2f9429115b781e68b82e7abd205bdf0ef3df9ee199c4617a8afa1630eaf3

  • SHA512

    c692818ae0acf05b7928b83da3baa2cb0d6a6db7e9ca534e39eecff05f88b41da46d50ea5c17efa43eaa64e25ab418f6ea7d73fed974e14279add1432719a809

  • SSDEEP

    24576:16V64C/AyqGizWCaFbyPSkQ/7Gb8NLEbeZ:16c6GizWCaFb/kQ/qoLEw

Targets

    • Target

      2024-11-14_e9c5fb7a0f509024b902824d6527c546_ryuk

    • Size

      1.6MB

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
