Overview

overview

10

Static

static

c3e2744b22...a9.exe

windows7_x64

10

c3e2744b22...a9.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c3e2744b2214c3671416bbd4014d9647307a51e88950268be225be32ed672ca9.exe

  • Size

    156KB

  • Sample

    211213-h396dadcf2

  • MD5

    4a2c7295771216a38836758181eb0ac6

  • SHA1

    d197da3c3966469ed7488d09bbfbc0098b0a337a

  • SHA256

    c3e2744b2214c3671416bbd4014d9647307a51e88950268be225be32ed672ca9

  • SHA512

    e28bc8a22dedcd5bdb0f5ce0a807db31e79cd1870efafbb7ad19a4f6723699ae1e11ddb1262754d285608b05b9121c242e4cc976e319ebbbd850715bac2832a9

Score
10/10
ryukransomwarespywarestealer

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Local\Temp\Microsoft .NET Framework 4.7.2 Setup_20211208_144704667-MSI_netfx_Full_x64.msi.txt

Family

ryuk

Ransom Note
bmJGaXljRnZmQTZDeW5qeGHKMdW3lkGKe8WjwXpk0_e00-qSF3I-tgiBP2KA2j7Amkc8ZGm7_oOVmvDyzd628ENHwi76zMsBowe9yhQ91I8tSKbFjjKs0wlj7-lLYLCk4zL9JQzfgl1vNL2BKXP9a38KAa5NGEfG9c7eY9u_yDtZ5NlaPPRA1CriPC2NORnkHNb-W-TD16Q_2Y0F90o3xJUDs-fWlpPUN2oRMBSHjEEFKxxUsaVJvAyKAsO27Mr9xGlEOkxHgC8RguRVEvqd5yVtMZ4vxosRraZtKAfZbDM0fnvGPNIggmDeM1K9zEzz2zm0iQ6x6Aj-BMyeZY0OCKOQF7IwqhTZ5y1N3PPsyG2EtLeCJEZ44sAF2AzPpW0fSd9VfQHki8i-nDW5ZOY-FtLpMgJZOCMjZL9vY1xUJTmDfLQqNC1GIJyLX7c-wJKdPBmtK5bMCvzrkoQpoU7zopnLjhTJzq1f7aAc5o_bmkrTiMnZf3nI7bPyxx15tuk5kKwrKDfGCE_tym0OL4HMsC05EMFOc1bHIhyL2qp6cq-tHHYX2da9cjyUHKhTZKNiYUSC1Vz1KlTdIizXSFVtK4COxkbZi1pYdQ9dWPgTReQBxBTcPNGOyXSysSc1xyQYotzXMvCNevi6M97HTLcbfRaiTh7UbuYXdj3q7NQOBJYiWsPFXLhfA-ZwisDmULAp3kvBAquZxbR6rXmjWC5BCqsyqwXxNRkVwXb-5HHe2hGVup5CYFxlovT7JEZ9FCy-DcnTL2SrYt51L83X_QxlW4x5megeuiJIPU57O8eHog_PCB3S4zLMs_rkw4FoENCH3Tst3sb6kO3lKUiNAtpDMD04aEVLtDyFCbeG6DP9UPK8mJfaeQXxrW7-OKu8MKmD9HeWKeRDNBwxMMyIty-70jZp6yPHb967Cdfxhgk2EN0XilFJGntMSNrtsqZN3jaV0qUjQydqa7Wh070M9NTUfi7temhL2Nux0S3EjhLLGQLdas4cSDhCj823l8Fw65SiHisulfmBFd1WGBZ5ZJNyOtQHud1_1eqmfEI4ZqjgGY_gFlrYUpvVqMqhwO1LFKJxVUMdFETBxgPTVraw854FyRn3Ll3HqEj5JzeZmLbisas6PPiaR01TyuoNS-HZXOPxFgAYQISxccm1PSBqGRMwyu9TpuDz-CkNpJ9mgyQJkyg38DbPyaXNXpIeieu5YBz-0UzLoLRdsMnhgVjnMNqDSDyankLCh3_u9d0SFEVVr9Qzd65XGWZ49XcamIwEyCzxKj6Xq9HoDubcPNeuFPUaJPulHagk0szvI68GZO42ANprDe_B74pAPYwedQPvQObmcN-9scopiMOkauL3s4KuaiqhyDvpvMvHRdiS42ZuxoEZNRgdJY-yOOJBR504iJnmd4z96l7bX_Xd_NEFQsSiFAifarlNbnyHQRTdQFiyvd8oxsXd0E2pfSeLWW2ROVICdAqBZvw1rG-h9NFve03baocnl6z7odb0vU-zD0sQPF4GCtcOQX1JWvFrmDKo8Reei1HhnJGDfskRZJiau1qnwkqKvOAH0UHJ8BEl6mpS0S4AZAMd3i26DgLIS5trLlChFAV9Tc2VbBe_rwgy6VJ7h4Ix4b7QdDWfjGi-Nti1nK9j-rlPK8rnlA2o4PmSXE9bme9GMpb6LUsM4GFYml0p8jrYMYmLolzh8T9SaZw3Ndcwx4L6_hzP70V4Gm5f7uk61sU1K-2INMBeETO2WxSw4MnvhvV4_ZvS16XuyZOajHng4j3IN5nUYxUme_cfMn0OfwWvOO64RlfZcKucbdOu8uOS88V9y70rFCJKsnmJ-4ea04I_GoXR7n6u34umrmdhTLFC18-Qo4njSrXB-JjsdApMcQ-JdDnbCmNwXHi9WsMPC5BXthZLOOEsq_BKBSPFbbTuv4Kc3LuyCLecqj-JVN83RTP4XpslABype3iXg_hdCk3aV4uwleGIaSKYhDQSP-DGEorK9r0TVomaSdxtDc8bRsk2vGBzSiR1dY5mea-KSPPqucuA_8hdHkygahksQr7Nj7D-fQeF1qb-fYuBzozWYXwGEsd6AfRspw0p0Q_zAfsGOvyMxYOkgKq5PVrX8WW39BAVKCEetWmsB1hkJor7gn7Iaa9nUFWgNmc9D6PJOxXmKIe3j7o6bcMR-UNv7lHRW0QdpFxSTINA8OUHFUplRvLQ_aXKQY8GjROs3RAz6u3Mqf7gJLrvbmlKs4g2-s6-3kGAlhqAfSh2DzDYlIpqlvO96bcd9YQZ0r9oC0OGb6oyUz7k38L4QLo5xtMCxK_pfEFXqBCSkI2qqNbE-l7qPyccY_6xevmwmUSvuFP_AAmFRPAOjcUItS6XoYpW-KfJIyORQqpi4nxEAHg0F30MLxTz93CPc3J8PV8c7e7_YoHR04uxXuvkMCmMvPqo3kWu5nXTqth3ZqJfdye6FE3ThrPql2JGnNpOjRQMeTCNQsWKjR0ePRXG_Gzh-Vma7mNQhnm0mwZRXu7xahqBhLBRIe5JLc96hpBKFXPI7Cv4Tgnl-BP2b9JOfJ-Y7jZISiTBFlWI1jzjIZfhzidmwZeA86ZHGgCrDxVi1I0BMBaD8hR2XVNIb7FDSg521__EQUZ8fNX44uiuCmkcZyAAquj0sUo59Ynp3b55JMJBEMGDmaUPpPHUCW3PhIa9-OCbBcYSH3SU_S1AZUtOah3KyCC5Dh7OfYFe_Z7XjAI2gNuQoHwyXoDID7PmzJ6_C1MSF5okwRhcrwoYWsCpgAvAe2_sPutpTPCgrfFNt7IMNC_3HaMm5qMu7QJQ19k-8mek_4Y-orS6wklrNzoCcxy5PaywT0XGXCaj12VOrjuqNsC2mST1cajgEluJbRJjr7xM5ygrhxkAQMvbLVyC7vRF76F2KQBhGv2pgq4sPhmcgdEf_0ulL74vvgkobhwpzjOcfIXu1g2GAhmx7ocAB0n7QxwXpTYLkKTYbcEm57Lk7-WPTKHdle4iia5fw6QHumM34l_HukjkCTFts2O4ACZQm0ZWdQiI_HoOLaBB8phaxoFcLcO5d9kmAJsiKnjbB_10ZN5ZzUuKIgq-moSp4IeZZYnHa32KmumyWE8ZbnWUFsBIpo9rasxA2ke1L7hLuBm_U4E5zBd5-nNm2Z05Nkl76tuSoIspX_fpW6oCNmC_vlhQM0_2znyONRhvqq5RvQjfCP8I2JgS63ls43n8c0AOBqnGeoAVqZ3XBEBCWlRlbjX3qcuWMeyn-JeMR89sLTCRdDuXF9S_Jw-yOZLR4AKRg6CXFZqaz9qXuWRAg6ZQQe27CeIpEYr4NWB_IPumXtD6475nTu2XqTdaWSpJ2TEvH7wfT3CthD_bgQoWMcUq2AmketNcZqLXO5lvPOieui0s5QIS6QjvEvglgaSurCOhqVj0DPoYmiD43zZR4XQq89eNb5LyYCTW1fw7FbmGTmWwI8KLHa8setRdwX9zUM4LSfRGMWXVRvSYv1g6WkDhbqyHPf9W6WdZQrZnuCPWV9-Fv1ZhfyyehAFHCQ_midxhjbdGabwePTRGgi4c-4GNAVmnWVhmFYeP1u44vMgwFXjUob419VdrFyLTQTDhQGE-zBlNzf672-sY5p1lrn6RETs7MOVL6evdztKy6zii1hooNoiyQZw7M-V33PBpV5KDvhYbbu-jboZdRyo-iFoEoWpojL_44ch0s0mpbsP8_7u-btuina5rXkoS4KMsRytTMnFk_UV5d8xCw5_SorJE4-KyboyVYqIZqVs2XKKwzAfCLSDc9290Prifi6Y8g0ra0_4DG6flHTGjW-vWfXK8R9qgIud09wI2xwMpAGgPMMbyUKiouHXKOV5v_6vHBw-N0vFZ2gQJgb2VtS-w0kpLuFhr4rAIuKDIGvMyMw3cRDz_eebOGlKzXsOfGPofuZO_6KmaBj7-ggRYEdTpts4Wk6r5yIfB7GMTq4v-b5OGPvAFle2aLa8clminzEgmlUDscx0LBt7HtSLmPt1jpwUBarGziGNIWux7-9jyB6BF1o9jRUP3M5lgWiIJ38RgRpfhWGm4KeGqH0LxSFb3DbJJFG8UOEMipPzUjTJ25QYumw8wnjKPyXXvwOhSKMF_hYGNLUo6nRxfqfkdOocD4OQuKSlSw2h33XQFjFbhW2CZj3xRZl0xz6jCqn4J_EmRq7MEKnFFjEftiJmSU1bq_tCAzQVB4Jz0RTvvE0-SHNMUrcc2rC96A2sSyfdZ-SSOOznovHsPqPOWp3QvNAgvMLo7w2gy0ssFEX3RQyrh2vKZbFJX6uGo4eFrBlN_TxqK1fmNieNGeSYbH1BeyCdCPVbcouosjwIn5UTpeI7tf5B6OqOzSP09ukqNczaT8zFWI4h5bz1Y4cVaMbNSKkPW3nlIZwD_WjKHsoFsFUcAHwcUTpOPaSYmkSME9IhPIXkERqrqWz94pybgnwzLUZeZCZbjJoiO8NfQ6nEvlkI1FvcWqLRs3ae4A1TVLRQi0QkopWl9rZOsQnZ8hCKJXPuW67RrkrcW5vd2drTrAr0t75LiNTflGDAB_mbzfNFth4R3322PMyhraC1dC4RR36QqrkC0KkgiiiFtYUdPTuR_hQXVBMZos3B196QES0zE_CKrAe2EivoB1f9ETw2NSnmiPs8wcvpAWtDCMuvn0WdhdSj6HMIUYEFAMBwrPrwL7ggCQslM-14p9pWkR3hg-ZMkhERQ0Sbft847LTF4Frhv_gO5cJzOR7WaoOPYZmGHZb31o4ucL0coN6Ld0Na950f6TgVtX2rUUJaVfK-FqTBhQg9cfZUHtlOL3LnoouQK4o0pC7W3QogijeqYYLqWWBOzVpCprtzD-SFZlubznM7ReLflKyaVbQ9TV_rXGhFLkqARBZ7KUoa6OlcmEuh5pIC1lb57jk8YkTlOn9lOvjmWt84TkruNJ6OAoGF8Xs9jAe_VIwCI4Tk8caJslixs-3MnFxIIKGG0fu8kvm4uju-ks-ziOdUSIh8qnppOON-fmLmvqoZmRVxk3ywWJT1vjatkol76XSGn_Xvfl2M_qtqZCQ9HdrHY5EB308LCc6YUZ_eISLKwWWUgJX0l-UWfvB0q3C8MaIXKTBP7dpY62wzBnpvG-hxjNlCuutTDyLEAnkJaPRhANuh6hP6dzT8KN-5m83UXGpMXJbsB3zIgMAk4zWqmI2fpxw-ddI8iUQEAPdBdR0qlu6sIBNDD3RflvimRS8n_Enuj6cnHmNj2zH-VupKyEfgeW6fCr_mau2MsPGecAUkp0LHVaJJ3L6vlYOajNNQdExWuODlZR532CgoWcS31N6kpEf_hJRYoCPT6tr2cQSvV2ZYSDBOLFqelR2rFScu7JGs_6wUEuQ1gS-5sBqwimdyAr5cVS2fEjs2jlu-QjNfwRXL9j59EGyyaCnlV3SXFRwHqhxEC_JvOpBoMEA7O3A2XuqaWMLHN3H3BR7xgxvsqPzbBRdskJpkIh1O6nDEOvZqmzZHPPZ08hiCmGk3oygnbGgwS5UWcmC6l0Sd6i6v0-Nj9Q4hrzOEtFPh8PvQfgRpXAETO0nvTxXmQoD2t28T6YQSD5QyjGPnbPjw6nyFZ1l2eCNrFG-6m5vjIxxXW75g70GsO58KgqZJLivmbBfMpbhVqZNhudk2Xd2SyTBsxl_2uPox7IpZYkLrDtn3JcSuaMEWfZH82_H5t_tBIFCrqXbopnWIUtyJxuUlFgwaycAYyOLlGA9Zmyh1RhWxYchIGpqJenCpatYsPwjovFo3bto2Yqr-liy0OjSC4GEW-3zfr5FT1uGBesUb2XltugGZ1K4qypbpVyUFdDrybKfxrmW96OpuLHA2Ixf3l9-YSQ8_UP-b00FUnTk1DQnbuTaUuzuXR1h1yF64IucvyWG8OV9Ksf38XD10pPyG6Za12T0lNQOBNu7qwguJCNvD1V17l8yTphEV5IVQskf_-279-5SLF_meV5M8B-qLMz9T2kG3_xuGW51d6Y2X2PelWmgQ2VGUIt5IzT5mms2UruN-QVkxsJo2M-n9zRdTSuaox0U82XfyXiVLnHqgIWHS-W48SESdk9UtnGzzyhttx3Ih0qcW1F9i0Z7FJWKEV0WqYoEIVG3cD6Nfjx-82yJm_I-IvcoFnbzSx1cnb4oSO-A5y7gEDzCDA5pvWPPz87nRKHvm4ROqk3fukAI-00Yv8KKaW18DqY_cC-lyr_LtXYhUVKo4Lj_hQIOMBmWtsAOMKe8KoGZ3TTSXjQQ7IBZXb0CojVQe1z0eQ9OoRF3pb1yZojdvjncM7nDDeGg91qOkZUfx8hunG_3ggFjTZ5xSeYEEuqLiDSdn2Vl_AwHpFzXO9GNmy5qIZQyF_KY3eruvX8x-rAmMM7OOyqd1aup7Kc-TFucvW6ejAdn1JGodeXWxUo3yLrrrxXVKQ5p53LW0UbBllePKWESNEmi59gIyEMjfQhJHB3LHXTd2bm--r3Dds8k3wJsiy9pGpbIQLiMpDEqsqgaUs7mMDNDD9JOWAwUC4iUiNknroXQjhsnQjlW7Crgb0hMPF02pneBgUt5XpNg4zHEgSdh_HNsXXdHuqSqVKj8s6AVgq7vhn1IlIfooZwlTM7MoSoO0oeMgxwvsIdkcv69J2TR823kXo1wKrGdstRHGNwvptb1x4mYVwy23VzSVp0h9xbXntWaD6m0C9eMdJfhAQkLh6IHG3ECkBmc6t2PTCNCtrGTpbJDL8hBcjoKEgxrxVpkzp0U5wQMfkV7Xa0XaEyZ-OV3vO81YaWn5Aqo0rZeIj1Sp30fyvmVLSUkmyEKNN4XVy91k0oHYNX6_1TIMhYYDwCU4JVtZWOO6iR-skPGD2_vevm-SnUkDFnML0V6AQs4SZB50wu8RlT0HD_egootIzTkISx0PiWq28-FuyqpSKcQ5Ve1aYN9vR2jjSRAT74tEOnPrYK6lGRW0Oc0Rqua-g6Ty-cJLb4j9qiAMEPn4UwHIvDCmYeINYdwWO8-InKyUPXX_9WxtBti_V-dZnAqKAZPuwuFOa1LD8fBfFZorkKZexZJB5taraLa8TkvHreJJqN0BlS2Hgq26H8BZui3oXjTqch7-dt_AGwCYqc4q2QDk3rk5dTi5OPaZhPQBZ1yZzlgzD5qvJxUhaxnh5PvWOJ-NoPHJrnlm4YEbFBpEMb8h3A2hONWv9WC5hIPNi1fD0r-YQTqEezT7g9URHC4VhqTzzMrdmRqe56-MRUXWfMWXbM4sng0NgX61giWPMJR1DrPKSG8go6Hom_boYGDJksA35FYIn3QKt-n1P8A-bPCQyd6inv0YE8QQffRBkjM8l-td_2mVDBSURDHPOLWNC0oGx3ug7fpHraBJvGHnzC_yx7d2GU6gKVwBP5UhJ_h1Is6WbglSdbx8Eonri0Ju5-d-RxSODWQHbwpIrQeN_65yJOGbpxYqLfjru1WdHivyeAMYVJjDSupo4GRCHwgQFUVP6ZEGuCylFgklEXUukXxIcsrPQJdYXQ95LiEf22_pSIdhlFajYuD1YaNZc38o--lEm7pAjZJzkrxGXsK6jqb-Nu1gqUBr_J2IxmcA6w1prqOQGeP_cOyidR6eMZK7uwbIoB0tByq8xtW90OnDVuk1ErhCdsc8fWoDRC4HEybxpmFpDE_2n9FU2YOPZna6Q3L8G1ANe3MUZblKRwP4wBdkdlJ3gVkvcmi1CSW1ECulxn_08HmlMzxgmMutq0iDpVjnkixFFE6ZMz3y2RCFtu7NHen5OfOksbXJR4L34FEQTJ504wpsXK71VzwRYYWkofbEp9McevNRUetx-qAazW2zRHknnOBS_LnFOwDZavaOvHNm9mCDX3ivu0aq30P6EsXhR-7KUKY517NH6eNzG40dN8a9dfzp7hoNJdf9Ch018YZsBi3DlvTvj5nRidLRMlMiuSQdNYzTPveSu2DzTBW77at314Hox6lt5sHe3dlPmbDluGWN8Xhq_a7XRoE-U7WZcNdl-1Kva3AczJ2xwXvjoSaO2zCNn2U8BowI_E2Msuk3YbKCn6_qNT4aIfRRT17edgD9C0_MF8bDLYljBM7s6F1XIP-z6sEp_U0r448vlPtAxcrEA3CMruGBYQQ4xBpDlyu5J2K8ySlEi4Uf7wSmWyTJ9Z1TACGLGa3r94SawovBEHIa8LFUjg0hko69A00ZCyxw4Zulq26vPIrN2LjwBA3Mz9Ebz3XbcOulUQfh99a2sdORT_7oWARYp_jcHQoyvMYEs-FhKZSfQZGKsheTslWRBramNNRAoXZFcW303n9BK5wR3IcbrEcJVRzJVzZwHYwQ3zNJxAS13TNXT3zGpcU7p1c9ukB4FQEcbKzgNMjd6BdIpWvpj7pBYlstnxu6KUL3AFjv7UMWRI9fcqt2nZmP9vtS3i3qcozGMRHU2rrensPRjK1w8z61pA21LjmBChWoNT_F12nRXEmES178XA1SrGfyuIhKnAtFqTGMECB0pP5mY43oO_ZSH7Cmx3TyRY30gfL2B-I9AaYv8mjxVrOyokVJKZOUmizx1nyqRLLjprVDOyO1r5vNICQFI6xtkLSQQPZUSimuc-d-PmiCd6dHxUHk0yzoFh_rUjtad4_FZL3u1BYcf6E1YdEhGtZRTC0D9W_n8lm_xsTNLZqDejZJk3HWHdN0P0_bcxSdh0m0OTHzHu5HA1FGbiBpem5RkDj2JP-pl975I6-cw4lG41CVTSKkdW-DVOmhXYhrrJqMjTfj9ncAvnr0fXa-1dUHPu2rhcrmtbbAK7gfj_cWphDMxRuAxAgiWmxMp6R7KC4pXtoH6Mo_bXepql1ASwS7ZignLtz6iY4XlYCOgyiMF7SOTiFxaM-u1u_TTfAOO5B-PvT271Rd5qyz1HQVoHhrUjXr-btnb5VRODjjdI3RZIJ-604dIR554Qsx0_1FL2CsBm19ZgEz4k_m1XE493WPdIERJuSwfWp6CMJfSNZJ7Aa3AK3GNzEMSpYTiaDE5gBHQDkyM26Oa4Ghq-Vg5fvHlQHJ2UHsl1oYzv-2jCcPECTcGwiPglgNGsP-2_3CxlSZQh1yGYcvSKi2ImuMyop2ieEiR3JK43gMU_O6sWYBf-6w1g4uapUnmnSu_51uWodmVh_ILtx_1sZvB-LHo0HGASTOoxlRkXFCjg4WSGNVlyL7KSHRmEw_1jglQDHr7zxZmLe_SwbSKz77vToPukBcTPs5D1C56QdAt35gRA1bef28o9qnoNFnm5ouN6vyj14Yw4DR8Ty3wNcW2FbAXNOAVAd6G0R0ZTZdcoD5Pa-eNijRA_IESrVSNVvXCHHDdFraY_65BQ1dwQ8NQZMWlSaKPqhBOFzcVjK_t1_Ub0eoU00CPBrr8fX059wMFuUS9JzNu8YhayoiklJfj_uWd2qiN9KT66awLCdOkkHCLJ67C3Kr8jtztiZYgz3tayym_upeDYw28tUmU-mcDmldT29dyIFoqWPTWe0HqXH8APmfOqFuvi8W69Rvmk_sW7aPraC5cpVf4_ySfwVlW7-zq7Xtf1Fukv3rX1TfRxosQLj8WvuOc22SIlnfWLOwiSpEOGpybB11nRkBza5l3XDyBzYmc6ZfqGKu36qQRp98rMVMh8TZfU4gG22PMFc69K9_00jmB3I_63D-bdMGY57LQy18TtA0eT-WteLo52rpRECkjncxeTfXTobzYiT3fgKpATFbpHKZhZxWgodANHlDip1ByumKtvacOGOGoc-xrueSllGW7HU7pY_AfA-fcs5Z6TP68a1k1CACjKuP2Y9XgUn9kwtND7oq9qkEPmL_Cu7P-YYlK1RArtusTA87eJWAGHXjlnQ111rXCh2IbUNe0_GrbZ_uv3BSLMv3a89HCiJx-bKzstx-09MHn9IkjljiOQNsP1QxskyW1SU52x1wJVfoK-sA2_gSO5hKEV25IT6fpMsQFYkXFJoe5FhTg6Og_7LrYGbvflL1-nO_opn_zAdHmUeGabO6Va0tFja0g1gf_Tz-6fuvQ51qjovI8p8_AyjVREL1fai6RlzeY89i8DdyfnvkFrdIoOzf-4p7XnMP1KRpTIPAMW4hk4zv2lJCCWxZBqtsr02MxgYv-RygcBRsNYZSqlHNFbhjWftbPEKayHwBE9NirW3inW8Ta9y58EL7Me0sNYqqhk0wzcP5P0yEkwgLaxEcr0PF04tPc-OeT_TyVvLDgajGIlG85qjG7pOXWqZtoblj5RjhES-242SxO713h-pysBC4e-HEyDblPSDOmkyWZv9UIfxH8FfM_w2rI2jEcDQR2ZuJ21PpJrr_lOdscyrIrKCCn8Tqpoh3m7ojNXtcsUEBKcTuEP56Fmu8RGuzxOYX_zsHzBUj6q8Gy2zYjsG1CvLp48I8BdBQ_qfeusdWmixF6T8WBJy-wUaUCLEdfcwjpnCwIaccAd3PMItlTPyiEvQiJC7-z_n5lhu70XLA_dY1CsjbzT2QByiHzP9QZSvp23EjoI-0wyvtN5yt6tHDBfUWkJfTjwwHcQay-2cho1Qmu_F3gP_F1GiqAgfRGWnChIaKhfn0M5wntcFPVlyq61DfEA2noquGVoqBdgi7nKtQJ1dCk4AuUk3Q7dWwwrUWJal54mZgV9vWIrg6rGKyYn3mVf5Q1SUcXNy1i6vEcVWhb2OjA_L75WYhi_vaLAt4-WA07RGFtV-BBC0QTU1H0wPjgRjVYEuw-ixsSxt2ZPFTcthRDfsYWxhUqTJwILgvRowUWiXeb5TN3VsZcgwrpmvUqwDS1hgmnaWa-qcOLtj4lqGJdMonYtAuZYQrPzhkE_RcOKo6-1Wc1Tv5Kx7p9uhDYGp5mOjcDpHgc4cRLlLItDkQbSQnxYjLWpW9-Ax9nJWTQcA91wokKiBb2K2dvdt8aY-ZF8JmhC0cOtZCK6Sbskt1Vvhv7jPK15DGVf5R4td_dx9tWiGLtKyfwQgJ1MzUyJ8OkIzXAsrFUx-aXRjh_S-nfhON83Ql-MPhji8H80S1Mtji0XMsSrsEyuoBGaLE4AUKyjDXBAgCFiSSmmimCiXYMieNdcDRukY8wynv0fEsjYC1bpfCiI5yB-BJeJjzdATwGHYD8cHb8nP1thippc5zm5EwezOlDKLxD92iz6iIjWQHIjEFDxRtI8-TSR_DFA3LI_doLWfIDOwqM7CUrfT-y-MXAQtxHoEFebuLqxV00HrgnnICS2ARHw1C0KtiLh68pwy8X-oq09Nq5FTGVTjgQIZUdkGjcCeQ5x25znajd_bRMZJDyxvtt9hGtN9OLZQNX1EMRHTzxp7sBwRwRLeo42kmdm_lio4nDEPgwShp0tcR2Qe5c2wkNVFA6yk_6-HM6D0T4XFWxKOZBWfCxFZqNLA3aDRvUWQCHxDkw70vs2B0B5SsT5-mEwdC06_wxswBobSSYGoiIXwsprZZ05AngYhORXyGeMEYFa8C0Do10KzjFw30xHMyoce2Z6WF-1l1PlmI9aGYdO7A9L65BTsVPQ8Zqa9itXsS6DFIIp1BVnEuoI_Datz_5UuCiMmGkD_A8RIfxtSU89WhmvvxAX3M9tXAKazZOQCh7PuPwhZYoPo0zz2fRFVoEsGOBvt5ysEjw0B1diVzZSwnlNY6Lhp2pXXw0oLDWP1icYlHAeDLjuNjZmk8NdtCYm8Ji1jmfWVPFnmFdrKbhntNR67LeO4TY5EFSvCbnTxdJws8hvGn31DxYV2eoLL-f_W87FY1HCp_lxyz-ncnvMsLumndYrpcaAhlrTLfYDdB4GlJDjoUvWZZ8dP-B1z3FlSNWV5q5Uu5U1esdyf_DmfmfUdhDmmFWkGmlefq5Kg-HCRdtN7OI3mz995HnKLoLV3ibxJd7Yp1wxRjZiH0U0UtZjTvpzIjG7Jj3NJNut1zUCZ3sFGFNg8yqFm_MggmfoWf46PH1xEV8EggFhStO4zGdgb9NByDk7wHrYaokHixCSe8d40BBUgYzeoy4dxHGHkZkhZERj0ClZz5V46_Td89kAz5xO7NMA9NweRCRqOWof76WK4TNoY_kH6b9tJcshgU0wtuCLohHU_E_5R13HYuElp107bqrm1J0hrDv9zp4U50f_rCqTNxdTf-BNSmsOw_mOLXX-hCIDNtQ2YZCU3PkVfYiS1KmEdC06L8alqXN7YdO5BAB3DySIQTe3kPFkdXYkXIvqev2gCvwpxbDyrtgIwOd7IKtm_n5DFX8nX9JPUa-g5WVBDGxIzlKVhDxhgMWDsaF4DcLEdNbS_KsyJyQvVg0gtasHcE3tyx09FSvtZVPbHBQCuoJCgxbxAE6xUe-oMpBfYOhpdOf0udYwRZPDLdSEmT-gG7ndLVvOdQ69HLHhUOPMdl7zdhB-IwuJypilQlfXAj0kdU_kVsDh6Av2H1osGmN1sxtQQa6HqCBeJ8tZjhI8lag0bIjMKk7k-GR-Thb8GdeVxdf4xqQkVU5Zdn9ZP3wOV-Ly7dgZc_rfUS8Ryf80dHRJyRq32uxJnHxZLe4QZX0D9zw3Olfmqk53xzLSNepRottr1Z6YVu1lLILm4fvHMIzmrWXpxmY4-rnkwGyYS7sbgNlaThXe3hihwRzzJqZBUHsou-ulsrr1xc8CQfY-AXisOYrMvUsc6r8yeQrP6btEBTLmC1M-S4zqZa_5L4qH9YWkX4l5Yb7M-OtItMwPrt_X2sRPYjhKxO7XBxZOyHD7sqPhkaTIPZDBy8TZQIx35LPTdHBXaiUjhxpy79SMMeTVid09_A9GoKytpI4XEdmNKxQPCQYYOjQDYAL2uPk7MZjZJx-qiwj8i5l5_e3HaCYZBZTytTE3Gt01P0Go_FbZBA5aR1p1r3pVN5UIiyqofcEK3yZu4N25wTfrYS8h9QOEJpXmawW2LdNB94Etx6AShToziqjI_JduLwoHCjlvB2Vr3MTP1tHMW0uLa8v3BnxFImT2pWPB0EmYCzd2o6S5llIpN8AbhQCR0kLmpoD84rQgn4rVukm9AZBFJZ7gXVSl4OXAFMjwDQZFOQaWfGke2r4Rn7cscTpa21pGXThuFZpHezPd_d1v5-vmr5uLfE1nofLt3ZUtpXqJLRfU1NiMHpNyOU9iLBAaMS--rGIbB90q_mhNZHcniRoqypvkGogNSp14p_QLgDxA5XToYmmeWiHYIzbyJJS_3vNNdLKmNrWPrBJrO9QFmk1VqZZfdnA4FZ96SIZxgUby4VB1L8Xu8do09-V1by8cJgmxnLqqug3k0zYJcKE0wgTCxSJ12pMHLuCASo-6uof6B6MxTypqnLOgz-JjbFMT_QVyFYKgdNbDF-XqWMcC5W71ny7U9r6cL0C-77fMPJF4ta-dl4SH9vE2yVLaCoed8Z05U8JB9B0Y995Rp64D5AcL2-1zxPMfgILv13MhrCk_MgQ5Q8BC3rFh8YXjwKPuCF5fQ6SI9MowEbPT1sVTemuLgMqg5yHQYejI5djietp14a_Qs3Yl0DxBJU7LXHnElSXM6rNs8zH_18ffw_KZFlaMiviGDTaZ7R6vxAF3767NYRFEs_kgBSpT203mVha1xCVNf0qKPtPcvJVViOIrErQH5hmjxswnc19X_KM3ENzOd9nr1iEY_Kse_gREFbFdTDhWa3yDO-KxL3aT46nY2k1CFv8QkC1qkWdb4g-Z7m-0RVzE48_kKFuuHQ_GviJr2gxSEpLV5LDvQ-1_q144y7OQ-Am6xfdzR0aKU6d2vY2_3w9MmOt7LC7LK2Wc-UgruCkMko6WMbzU1uN3GqxdqrDYkQJzezio3QayzGPj4E9dSDkHw2R4kswAFhEiM5aH4NUa9oO4nHCdlONObMJHjbsyTt8nN9B0F9OehIBrYoXZicBTdwKYON5ToUfYHbXrEqogh2mKRF4CKvr78wHar9O5T6PDaexmccwdimr5dqLEE9FhNxzV84-IeWzsvnPDz6z9v4TF6BhwKkxt0icTqWKCnK2Uvj8WXHGHDS_AKAwPD631HIsYDdvMzEB4UPtd45gmVxmMPjDuIemYaPA1QwKRiYpTOro_ZvkpHfBotjbqoBSyra0feSnHQfPd3_WRQOJFeAnQ4xh8nUXbpxKnnu8KfwukdIq1KBw7jfmA1DJqPQNto7HL4UWesV9X_6p3kJXcYHsOQl4B9s6kyfkhAGxcwcU6wQdiRmMkJVuUiJtPBUTVpxcwLpCFQoH_d020ZBgmPhqr-tfXBqU_jP3JKPiQxITUI-kEkBGOHclTVGLPilj91SrpSccvsm5sUq9oeWc-YONrYGFQFQgMpudAAqaRfg_7OFnPVYEZ356nJn_dcBMqLLxKjflOPRemH3YUZrV4l3YKZw7g8OtrPDZ6Io7QRx5a6wFLS9hIxT-VMnO6TEe8oWCVOnHg0o3oLvMnb9GNGCddCKKJd3q32t5-vXa3xAbTwW8YZZ4ecfWqumSJIvZZYcK8nm2yU4k5zyPBJUEjXqTEKAqTsNO7QYn9kyWlnqiK54AUVeKz7HmbWzG5cK8dy4SZ8Q25iIczHDbsEtWRZkPgT6Kstfrmf8yyUdER2zpmAf6DpYpjRIuOMmoZWfK3Hbm9GK1pKgw4HNLiyk9eA2oOX1GEzwMqGsVZDaKd0p90aEIgmxT2YDPwdyEKS_yNqExA09HMTxNNarsGo1NLrhOd4V3fNPHzm20XGxuCpB3fBnCT-fbgIpT19GO4bLJjSWdqh6Pbj3LkvQ5gjBMkZy8G-SqueHM-p7IVLBIVuFJ5e37il1SAES47o086L5CvVH4PAbchwcy1WXX5GF4N2na00rrz-tAHMhrKTkaseGFAO8r6O6n9hBLnnqdG43wu7kHIxj9L-Lx6QaoTJxRlrqK6TMfKqmrBdASYloHf28-IACB4e1GtJdWO_wyQCR-beJXiXMOmfBcsK-9iJt5wITx-zpSGKO8MzXhVSH-qG7dAGLEcsdIu48k-AN6wBungzuxW2GcudLr-B9mDML2auoj6k3FLsxSJn6lxMhvDIxr9hHch_nQvTyvvBon44vTmhHcS30CcspxW4gHWte2uEtBOtxkJXqAb1f9yI_AhmkdDUEGEJDXZpneotUyDGulO4sRoYXDnek2rDUmthbeqHF2gROxJ1PwxiaknmRwjiTtAudFMCmYxA8LYRtWnUUKZtOf750DBGvNqi7KASwMFx8YeD1OdNJ7Z_UTZ42iC8a85WiyizFSKzv-cfn48QnRJLNRBB6hdrp-fJO7QiYvXJefe-FvNkwEI9fGmX339yXHzsVDWBGkmx3LzuUaTdGR6cNOyxj9pZqugPAXU1x4u4AmWXKDLqBwOESd6qotaTKKRfqs2RCUkxt07d76aVl1ohca93I6b5Dg7C_NxYJGrx4Ja55HCAY-rPhcBwzxJMEiBDQXIMYCw9giMJOAaFZoRT8eaFTe67ILwula5IGkASBx-lcKR0M0SLcI7dzHawMBbPSP00m7MiAnyrVP6IrJJ9hHayUCXsdw-6f2WyZSP-OKzIYDAZYvgxw33-8DCCra1iPX3Ld5pEfeq9wW0LsW5yb2IzkcGmXe5SHJdoMI6pSV6nu2osTk5fgu8W0fzHQYW_1N5FHLxKCHbvFbx32-t1eqBH8XM9xU60UzxI4Wymib6ngUKexRMsYZYcUazg3FRP11rcp12Fyy0GBfDMEHNIQ19KkMGNEUp8ihzzpndBMNLk_e8tdLu47et1JM1BBCV3H-NRrgkBkpuozQZF1Y1RlbvqHT6CE-s4F7FhwRvcBbayrx3BPIx--ni_IbERaQAvnJkFwtaCYK77lYgsGCXIDlyuZpJ98IiURFQ_v0e1q7GwOEZaotS_Mytd8eiPppzw8Z475FJiGLCRTHP3NfLu7zSOrsDEIX0w9mdsoBANWOdpwDjglDJFgQ-5eld8TBWzkIz2A7LiABp0XhY6s6eZygEcmSag3mnNExZ3JkkZ-hlfxZFpFi8vDAuZKn8Iut4wOwRNCqEhjRndh9wpZizZ0iM5Y1fIZptzFGSw53IG2T5NLlumxVQRrssgXBA2_48ceFflBeJvlfNPZwSpJ6zXiCNDhx1AO57eckwMdYDatjLvjnBOMFJz9zISjYT5bMaJsQYuT8e2CoQRfxN1-8z957Nkx8kR2YhsvmJjKcFfqkDmKerD4Xr8cGQrojfRmwn_aWXhiylywWjkwy1evZYdTXYyN0qHJeLhu5usxhGvY2JuAoVQNejRY1AHaxOlKHsTm-Nja_VaezTBv9Pvg9L5jS3ctSbP7ycjwCKNLrtBwnPcNYXjiqn5OJTL6bDvha0vDO0ZP6y3K9kieQeOFsOya5H3jKuE9NkEvTgarct1VGVBoFGF55rbMDN_Vqrargc6hL1wTOMURwwbjKXvVU9iJ8ShUAva2wwBv2oCZBMDIVJz6I-u8prixz28AFiRfHj266nnwgCvumhXxpL20C6CTimgm6WTk_SJxG

Targets

    • Target

      c3e2744b2214c3671416bbd4014d9647307a51e88950268be225be32ed672ca9.exe

    • Size

      156KB

    • MD5

      4a2c7295771216a38836758181eb0ac6

    • SHA1

      d197da3c3966469ed7488d09bbfbc0098b0a337a

    • SHA256

      c3e2744b2214c3671416bbd4014d9647307a51e88950268be225be32ed672ca9

    • SHA512

      e28bc8a22dedcd5bdb0f5ce0a807db31e79cd1870efafbb7ad19a4f6723699ae1e11ddb1262754d285608b05b9121c242e4cc976e319ebbbd850715bac2832a9

    Score
    10/10
    ryukransomwarespywarestealer

    • Ryuk

      Ransomware distributed via existing botnets, often Trickbot or Emotet.

      ransomwareryuk

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks