Extracted

• • Target

    0db010c56aee75c099cbd415dd5b18bfdef64e95ea20cb27008106c167ff4779

  • Size

    169KB

  • MD5

    8d9db61a893f5919641a7b4005a78850

  • SHA1

    fa768baedc9ca06f253ff993d2f4d0aee402959b

  • SHA256

    0db010c56aee75c099cbd415dd5b18bfdef64e95ea20cb27008106c167ff4779

  • SHA512

    cbc5f3ed290b1c7e8989cf820ec13d59af010b283cd66b76558953e786c9e867c5442e56331c49f8d084acd6af6792f0d57a7e234025b2cecc17c4151c85d0b4

  Score

  10^/10

  ryukransomware

  • Ryuk

    Ransomware distributed via existing botnets, often Trickbot or Emotet.

    ransomwareryuk

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2