General
-
Target
9fe66773c84d371ef1b424005996ade4d5e16fb00306a1d54b107b2b2d03fe17
-
Size
130KB
-
Sample
220220-ehnj4aheak
-
MD5
aef8a240881322a88d3dafcfdb19ed8a
-
SHA1
29abad9d694a43dafa56e589b07d007128f3063b
-
SHA256
9fe66773c84d371ef1b424005996ade4d5e16fb00306a1d54b107b2b2d03fe17
-
SHA512
2a27de732fa573181aa2141edfca463324f60905ecc56702b6564d05dd7bf02d06201d4c71edb989ff89172016e254302752ae5ec5ab300176db569716c89268
Malware Config
Extracted
C:\RyukReadMe.txt
ryuk
Targets
-
-
Target
9fe66773c84d371ef1b424005996ade4d5e16fb00306a1d54b107b2b2d03fe17
-
Size
130KB
-
MD5
aef8a240881322a88d3dafcfdb19ed8a
-
SHA1
29abad9d694a43dafa56e589b07d007128f3063b
-
SHA256
9fe66773c84d371ef1b424005996ade4d5e16fb00306a1d54b107b2b2d03fe17
-
SHA512
2a27de732fa573181aa2141edfca463324f60905ecc56702b6564d05dd7bf02d06201d4c71edb989ff89172016e254302752ae5ec5ab300176db569716c89268
Score10/10-
Ryuk
Ransomware distributed via existing botnets, often Trickbot or Emotet.
-
Drops desktop.ini file(s)
-