General

  • Target

    2025-01-15_2bfc30d62040dde435a3d3e04062586f_ryuk

  • Size

    1.4MB

  • Sample

    250115-3dmc8s1ker

  • MD5

    2bfc30d62040dde435a3d3e04062586f

  • SHA1

    d1f16725771e4c8afc705416e91f55e9ad76b8ac

  • SHA256

    d9576240b3ffcac186fc1697e85dbed3e3089caa1b6809fce21c20801ce208ed

  • SHA512

    f8e74e20b1d285a92a3f0b5dcb8eeb9474030da80874c62daac150011ee835e16a4e8c769f9d99ba5a222daca82fcca3a19888a8d02e93e755068f5bcfc38a72

  • SSDEEP

    24576:JOCMYhxv6WM4hvQe8dUhRJrMar1PcYc89inxLs3EL05q2Z/IrCFFZ:JOCMkxnxyesU5Yarh7P9inm4uLZOkZ

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks