ryuk | 51ec1631a41116543155d62343c319cc18fbc96ff69d13486628059c8996082d | Triage

Submit
Reports

Overview

overview

Static

static

2ffa792d22...79.exe

windows7_x64

2ffa792d22...79.exe

windows10_x64

Sharing

General

Target

5894742865641472.zip
Size

148KB
Sample

210222-85qb9xbx7n
MD5

d0cb4797148f5af81d9cd86afcf7b9a5
SHA1

a2848df8379f67728df6bc5bc3ea14c7407ff6c6
SHA256

51ec1631a41116543155d62343c319cc18fbc96ff69d13486628059c8996082d
SHA512

773419d7675a2a429c787183398a0239e4eb1672aba2ddbdd998f3bf1bb724868e8e5b3bc3098f6a2be8c61d69f5c91195abebf04fe59190fa61b87cd2a42f5e

Score

10^/10

ryuk discovery ransomware

Static task

static1

Behavioral task

behavioral1

Sample

2ffa792d22c729a6c092b7a7cc8b7fb2de567c2d370fb6a2e6f4e7ffca74fe79.exe

Resource

win7v20201028

ryuk discovery ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2ffa792d22c729a6c092b7a7cc8b7fb2de567c2d370fb6a2e6f4e7ffca74fe79.exe

Resource

win10v20201028

ryuk discovery ransomware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  2ffa792d22c729a6c092b7a7cc8b7fb2de567c2d370fb6a2e6f4e7ffca74fe79
- Size
  
  314KB
- MD5
  
  89e60fff097ebf9b27bc8aa9b1564da0
- SHA1
  
  9a1755bcfb3496290333f33b1b0b738016b868bf
- SHA256
  
  2ffa792d22c729a6c092b7a7cc8b7fb2de567c2d370fb6a2e6f4e7ffca74fe79
- SHA512
  
  a471d4ad11bb4fdb2adcf988a133a53a7b3b536681f421e1c13047bbfeeacfef3a232689de215a8bf81e55515c5cf92081e0b41893c56712bf328aae67de8055
Score

10^/10

ryuk discovery ransomware
- Ryuk
  Ransomware distributed via existing botnets, often Trickbot or Emotet.
  ransomware ryuk
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Modifies file permissions
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ryukdiscoveryransomware

behavioral2

ryukdiscoveryransomware

© 2018-2025

Terms | Privacy