General
-
Target
884efd1521e2fff9a05e7428239b3d9b92442ecef1248dd2bb295b253016dfb5
-
Size
124KB
-
Sample
220220-flcsfahhfj
-
MD5
3925ae7df3328773be923f74d70555e3
-
SHA1
948af4614e8ff150fbe0bc38f40806b457acaf3a
-
SHA256
884efd1521e2fff9a05e7428239b3d9b92442ecef1248dd2bb295b253016dfb5
-
SHA512
1eb06c442f6c63d7f5908a57ec57852678820349385e8e77aa0baaa584e6bb2dca59c0e2d4529734f9108e298d245e755202b70461cc1e6402ef37cc7d3d942d
Malware Config
Extracted
C:\RyukReadMe.txt
ryuk
Targets
-
-
Target
884efd1521e2fff9a05e7428239b3d9b92442ecef1248dd2bb295b253016dfb5
-
Size
124KB
-
MD5
3925ae7df3328773be923f74d70555e3
-
SHA1
948af4614e8ff150fbe0bc38f40806b457acaf3a
-
SHA256
884efd1521e2fff9a05e7428239b3d9b92442ecef1248dd2bb295b253016dfb5
-
SHA512
1eb06c442f6c63d7f5908a57ec57852678820349385e8e77aa0baaa584e6bb2dca59c0e2d4529734f9108e298d245e755202b70461cc1e6402ef37cc7d3d942d
Score10/10-
Ryuk
Ransomware distributed via existing botnets, often Trickbot or Emotet.
-
Drops desktop.ini file(s)
-