General
-
Target
df3d947eb72a7b10f90222ae5a0aab0aade66f0bc1d3812c1b0366e6e8456591
-
Size
208KB
-
Sample
220220-bngf7agbgq
-
MD5
b73d6af47bd63b87953279100d7baa00
-
SHA1
6797dbc139b45701dba1f9d13230935eb1c4f187
-
SHA256
df3d947eb72a7b10f90222ae5a0aab0aade66f0bc1d3812c1b0366e6e8456591
-
SHA512
f87f8b6488309c0ac199df40bdc4b740f0a20ba6488a8cb980b00b5f2599fdab3b233e0d97d1c9db6c1563929e8ee6a28cc0d032d2458cbce4f102826cc77b0e
Malware Config
Extracted
C:\RyukReadMe.html
ryuk
Extracted
C:\Documents and Settings\Admin\AppData\Local\Adobe\Acrobat\RyukReadMe.html
ryuk
Targets
-
-
Target
df3d947eb72a7b10f90222ae5a0aab0aade66f0bc1d3812c1b0366e6e8456591
-
Size
208KB
-
MD5
b73d6af47bd63b87953279100d7baa00
-
SHA1
6797dbc139b45701dba1f9d13230935eb1c4f187
-
SHA256
df3d947eb72a7b10f90222ae5a0aab0aade66f0bc1d3812c1b0366e6e8456591
-
SHA512
f87f8b6488309c0ac199df40bdc4b740f0a20ba6488a8cb980b00b5f2599fdab3b233e0d97d1c9db6c1563929e8ee6a28cc0d032d2458cbce4f102826cc77b0e
Score10/10-
Ryuk
Ransomware distributed via existing botnets, often Trickbot or Emotet.
-
Drops desktop.ini file(s)
-