Overview

overview

10

Static

static

Image-8646-ZP.jpg.lnk

windows7_x64

10

Image-8646-ZP.jpg.lnk

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Image-8646-ZP.jpg.lnk

  • Size

    1KB

  • Sample

    220321-tgsjzshdbn

  • MD5

    e163fbce2507c89a106c8ad001dc099a

  • SHA1

    afd8e902f55dbefcfa4afa30c95ce49b2daef6aa

  • SHA256

    61e88158da4636ab0c11db75e376f42e11a02ebe0387223934fb10944b52794f

  • SHA512

    a6dc129fd6cfc820461b29c3b9c35539f7bd45e67a383c1cb8c9a437509046edac793dd6b134a379b3be1768dc3daba0ea5d914be5624a4c10a4402d32d99b82

Score
10/10
ryukpersistenceransomware

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://inapharma.in/css/files/photos/Bn-Offrs-Album/Image-8646-ZP

Extracted

Path

C:\ProgramData\Duolingo\duoApp.txt

Family

ryuk

Ransom Note
cwlxAB+LCAAAAAAABADtvQdgHEmWJSYvbcp7f0r1StfgdKEIgGATJNiQQBDswYjN5pLsHWlHIymrKoHKZVZlXWYWQMztnbz33nvvvffee++997o7nU4n99//P1xmZAFs9s5K2smeIYCqyB8/fnwfPyJ+MqvT8yzLfrJIP0s/+v2/Wyxn1VXz+//+uzvp739a11X90eFvnDxupnWxatMyW16ss4v8s49+OrvM5MOPjn7j5IrfGtd5U/wgf1Nt7Yx27tBr6fl6OW2LaplOsh98MX1dvHuW18eLN9Xx4nV7vKhzerKF/kGg83rrdJm9rWb57Ml1dt3mr9s6o8+zvL6T/uLfOPmxS0L2aZ410qahX54UbZ5lDRo2TcYwaBzL/Co9pp4v89/7y8lP59N266PX102bL8Zv8nft+Pj1ydnZ6XJazYrlxUfAlCGXhM6S3r6xh/HnefuE0Dup1sv2998bRtpAfllmBd5usmL5BtDetQDbZGirON+61+b337+5x5aJSyCWDX6eV3m92EiY1/l0XRft9fikvl611UWdrebX42d1tXiSNfmn+28I0ea8qhdCr9uMKIbD2MJ5Viyz8klZTd9u3QhslO6MZHrsABe5PIuG2tIr+I+a41f8nteb+eDsy/EX+aKqr+kd4kEZ1M0wx98lGuW3RHhLGOpuun8n/VZ677ZdvKyagoXms3QHr9R5u66XtxgwNf4lv3FiZe6iusqyq+tXhOOX+GervvOLQbnlqPrsF/+SUfbZ974/Ov/so49G7WeAs7wYn9Nsn8yz+oRYa1R89r3vfXp/9HD3+6PvPXww2t27R7/sH4zuH+DnvdH+Pn4+GO0ffP/7hzShWz9Ii2Va3MGvy8+K7/3g+9/b+f7h8jH/tku/ffLJnWy8WjfzrXZreefOoTTcoSaf7vO31fey7y2///3Plt5X9bjMlxftnBp89mBPBnAxmn+2M8rp/+vP6nGznjSM/tZytPyE2vDbF/T2xeO1efuCwOPj+Wdb88ePP73zSfW99XhKQz1uty7ufH+Uf/LZp4f50WcHh3fOP/ms3dqaHx0dbeXbnx3cufO7793/9M4v0Vk4JwoDh6y9pkenJH8H3Xl8Oi+On3zy/ORYnifHT9vLn5hdfPt08d3vvP59LifT1YPznXr3dXt+Mfu9Ts8uPj9+850XxU/8xJOnzdXv89Mv7q+eN9/+bvnts+tF/XtV3/69fuonf6r8vb/7+3z3J774Qbuc/ODeveXl5eX5eZ5/8snDhw+qB8uv9pcPH969+3L33eKnjp81D5v7v9des8jPfp+TX3T95ODu+fLq/OX17/XJJ7/X4ve+PMguH3738uDz+i7970V99/fK7r67vPvw/C59cTA5p+/ODu5dfvJ5/cnTu/Vk/smbn7z70/S/B3eXL86re+f3v31+f+/eg2Z59+Hs7qf3zw/uvr1798HlJ69/77uvF/eWr1a/1/rT9S8qfvBqsvp9XuztfHo9e/Hp5Vc/+L2vd8t89fCgLS/P987XL9/O7rVXZ59cne9cvrx++OJ8/8VPPbi7qO/OCa3Luydf3v1B8+rg4fzuw8+Xd0++ffdqcnf1i+7uLu7eze5e/fTTe5+8+L0/+eLlXv785d363d23v/eDuz84Py7vvn7ziw6+fHi6fvbw9773g9O75/t7v/cX707eLHc/eX737r0X66fLu++eru/OLx/s/+DNgwfU7cndl9ff/jYR5fzh6fzu+dXD5cMnD7797m314PLtw5d3m927NQ3s6tufL1f3XmL8zy+fv/vB3asf/DTh8O4Hn3x+7weA8+mX9z796bt3Jz/94t6D33vn4Orug9N7Pzk9f/idp8WD2f2d8u5P7969ePqu+mrn7vPde5+efXm3eFE3O9ODuw+y052DF5cvmp/Ofvrew/WDy08nP5GdzT65O38xXz/85M2rn17nL453P7l79fKTJ5f1Jy9+cPnV5F798uUPfmL95OTpm/nip3eyh0/vEm53H/7kt3/i05ez0/X9tzvl02efPFxgng++c3d28Xz/9/69HvzeXx6/+8Hvs9x7+XRx96c+vTt78INy/fpgcvnw4Pe5++l3z58QM/3g6f5ufXE+e3j3+Xd/+uA790/3X/zk/e9+tXv36U8tn9579/KqePZl/rCtHn4+m714Of3qfP/4209Pdh7e/cG7Tw/2j19efb66f/ndh9mL9uHl1d2nv+juXn73fnb3B9nl3U/f/KKi/sHkZVnvz19+Mv/Bg4ezn3pY/tRPvbz75eLuL5qdP6gvJ/fXe8vrJ2f5gzcvHtz97uTeycHk7Be9yX/yp37w3Ydn2dW6IvI055/c+72vPsnuvljevXv+yeVi+vLyYPd8/+XvffDpav2D+5O2vnv67buzu3dJJB4+ub+6d/enn96frD7/ye/83vfuZfffXn4yWd89eXH34SeXr96dr779e++f3vvkoD3/lPhhff7yQf3yebk+eEA03Sfe3rv/kz84eP7J3evL9f716/qnDr66/r3uPZx9kj+4e7e+e3+9S4Jx9+Dh+f6980/b2d3vvvq9v3q9v/Py0xcvz3/6px88+MHvfX/26eX5m7s/+fDpt5dvDojhicV+cPHJ7t3L3+vB3Sf1p6cvPv/ypy/fEL6Ln767d7ZYP7++f5XlP1W8Of/y5MGr5/tPnzz5ZPJyf/HJJ/d+8pPL2fmzg1/0/IuL6ex8/vzh3YuHL+5Nvvr00+ndn6qnNG2fE7999xftLH/q/H69U5zf/fzlg09mX336i97l9e99f3337ovf+8Hyp57d+70/+b2/8+nd/PLsky8XP/i9707v/dTLX3R3smhO3ty/9/Db73763k8/2Nk5fbB4mn31e0/uffKL7u1/8cnd7x68uyb6TM+fflr84N7d9t7V8c6TTw9+n8Xl9ZPvPrj77Pj3enlw2V7l0/1v713e/6nV3XvNy/b87k+vX977QbZcPHm4+qm35w9f/cQnDz55eXl50Z7Xe5/Pr15Wd9/94OHdV83iJ14SNfOru1Xzyesnp19+9YMfnNy/vH/1ySf7xP8/dfeLT4szkt4d0lP3L1//3gfL3/t+dv+TT3769/7ky3tV8/DgF+Xniyb/zvnLL07P7y5efWdOPHb3+e/9ycMX17Ny96df3d375KBY/uDew+fTz3/63r37u59c/qL6Pn24OL//8NPzl+f3X8weHtwtf++fIn7+4uCLn/7kyS+6Onj5jhTm5M29n7xb79796eWnv9fD81cktW8fPPzk5fmy/vb85UOS7Rf3f6+7D3/v/ctPP7n8yU9+enb3qn7QFD/17YdzGuTDN/fuvvqyWD9/eFn/3r/P6fJh+3t/+vze/fbTT+59N7//SX768vLuJ58+2P9Fz9e/T3vvsnpx9/onP73/g/MnX+6dP7/74qcuSX7PH/4+RLRne83Ok/n5/uTlefH0wYOHXz34RS8/b3/wyU8e7x+0s/uvq/pq993v9fu8vJu9XT+dz35QFT/x9MufLB/u755/8oD09g+eFOc/8eXOJ8d7L3/vB9OfevjFWXP+bvrsYH558N2fePN29wcP62dP3u4cf/ntu5ftJ7/X/fXFvfOfWJZffefhcufuu5292eT3vvtwdfnup15eTx5+/vLeJz9x7/zVi08e/uDyfnPw5OnxYvfug8mXP1jd/YnPnzxZ3b27rO5+8vr3+emr81+0e17tkBGp79fnT79T3yOpOi/vv3334id/sn1TtQcvvk1TVPzk7/1p3l79xOzkO88/vZvtPv29n/z059+++2TyxfWnP7j3g/p0Prn74N3Op0/e/V53nxx/8vn6k5f56cGb69Vu83s9u1gvLh/mlz+9c/2dy9Xv1ZLqP3h6+ezu3R+8mt3/8lPShPunX76ePPj0B6+++jL7fV781PPqRXFyulrf/0VP7+7vH/zU/u91cvfTyWzv8uzp+cufoHbnD36fn/iJB9nBi8nlqwWNevnT9fT+g7ufNDsH3334oGhnn7z5vS/b9stf9PDhd998udfeKx7c/fzFbv7F3R+s6rL86XsHX12ev5h8sr5L7nRDdJn+ZLG6XD64u5rd//wuzdndH+yRdnz+xbP981/0xd3lsji9e/nwwd23i7v3P3347ide3r17mS/vXl6TGrv65OLug0/mpM5+8OLpt+8+O7939/e+2/70QX7/27DZP7E++OTum5/85JPzuw8nD7/98jt33/zg7sOT88u77eVd2PLifGdKxvyanITi8sFBfvf3/sHd3Wd3J5c7Xx5cfkma6Oqn7p6Xvzcpkbtvvn33k+f1Jz999+XV6u75W/qMtOi96Vfr53fbB9c/cfd85zt3764Wd9/e+8Hd+pPLlyRe98rVwcuHeX5yvnywJFn4ybt3Z+fvnt69u0uewfKT7xIez6Er9++TNiU/45PLq+O75w9/77t3p+dXP2A1ff/BJ3l+ebd+ePdLavCSHIp85w2Z+cvfm7yQuw8e3r2cHXz7HF4KvfMTP7i++/uUL2m6HhDG3/6JT4gr4Tfcuzt59t16cjL/zvVz+BJP7h1MTu/e+0mSsa/u31//1L1PfkBew169++kPruuDT073Zvc+fXF3f0mW5KffVGX5k2/OH5SffPfp07MH33n57tl8eb1/9tVPzl4srq/fPnn1U5fnP3Hy5mX73e+uPvkBOUSzu8cvvng5mZEfcLlf53ff7r7c//zz9ievHhyfPZvc3Xv38MV3n3/+kxRvPKwqsu3vzh4+fFWv7777RXffzR/+9Of1g7Nn7ZurB3er9qz46YdLYt3du1e7583u+eknBwd3n5JaW9bLFw/eXC6ffpc8tRf3H3y6e/764YNPZ7Pjs+f3HlyT5zZ72Hz39/78zdvfu55+tz64Pnvx+3w5e/nFspg9n34Chf+d08XbfajI5s0nn1+/rr7Kf/LewcUXk6v7Pzjdu5xkL9lufXW3aC+/PHje1ovv/uRO++Snnyzbbz8gH+vl7/3l3u9zevDlA6Lvt7+9Q3azyX/6i/2Hi+Y7b0/vvf72T+Z3i3ufkO49+PzlhNo8u3vv5eQnnzffze++Itt//+EXd6v84NPm7sv63d4nq+sf/ODT63ZnOXly/vo6/6L66XWx8927704fnjy4v/PVJ/mnd3/q/PJVXR8Xz+59Mv+ptz81fXj/9MX60+rBgx0a7PLhvesfnH96df6D9vX0wcGrva9m9cHBu9O7s180e7l8eLksLt5dvV5+fvD55UPye/auJ/Oze88efv7Vt+//4NtXq8mrd/Xu5N13Jy/md7+q7/5k/eDlfnb3YXO+d28xeZB/enn3u83B3Wzvp+99+/e+3CVJ+UXPL8lDbF6Tf/Z6dnn3985fvl2efuf8p8vZ+Zts+d169smn7z4//+ndvedX+1c/sV5dkVO8WP0+P7F88PQnPzneXf1eL8i1+em3zfrdd1/VP/3p/ruDSfni3vxNMZnVpz9RT578BDHC3r1Xk7v7n3558PDl73V89uD8zfmLn9zbffWcBJzof++nXizXP/jOTxdkSb7z5e63v33dnNzd/UWfvLr+vc4vnq3ePl08/+nzuy+L6XfWJ2/P5p9f7u5+8eSnX+cnd4sHk6uHdw9e/973893z5Zu7X/4+v/e36+fv7h7vXVzWL/a+/Onz9sv1S3IAJ+8+qb7z+3z5vL14drnzcO/L55985+3dHxzsvZudlnu/d/OD3+tycvfup9/Zu27OD774vT/5yd/79/789Cd2vv35Dz6dXP1EPfu9XpKHN2/vfnr35dmnn6yf3Cfar7+zpBn//NtPq+Wrsy9++u7J6ov1dz7J6k9e3f9Fv/cnkx+8+6T8ie+sXv9eV28K8rnfvHx+96cW7178Xg92v/t8//7k95lMzhbP3t29Or97L3/3yfwFxdTPDp7drfdfnp9/Oru7OCAX5eD88t75Kr+8ePjw8u6LnYN8b/3u+Mt35y/vXp3de/ODZf3Tv+isnHxSX7z+9stvf/qT9NJdMjs/+fTg5erF5W61953PP/lyckxq8JOHn/w0eRZ73zm9/OSnPn/ynekn37272CF/b+eTT+ZPqZsvz+vT1e/15v5PfPls+pRUEOUsHjTVfPlw9uTBJ7/3y+v7gH33bfbJi3uf3t2l+KT+9n55fvfLy7vrl1dv8+WDB/enly/f7D78fdovyUQs7/7e6/v3735CPPqkOfipk9nD6u5Pkk74RQ8fTE5/r59eUZPLhz/58NM3s5OXxXf2T37v6vd+/oOdurlaPzt41e5/8e1ienlv//f+9k+8+/T3efLg7hlFcd+9u/P58wefVNdnP/XVw1d3d9ZX3/50CSehbe590i737//eObkCP1neXfzUl4sv6KP5w2+/JWfmwadn55f7JemNn6oO3tG8Xa4unn37k9dfXT74vT9Z/mT+1ZPJvd1Pfq+zTx6eP7lHGvrFd36f6uDN+fF3fnDw+e/1e5Fm+32+Q/rwdPX7nL+e3H2SrZcP8/r3uVwcLGry7fM39e+9/3J3+RPl+e/11d7TB3ePrz//fepvn1/X15SrWj65LO6+WxxcrQ4efrKcvbj36rvN3Wo9ffkT7z65e5Evf3r2g9/rJ87v7ZxPm9/rJ75885RU2Kcv7u3fI4/myfHlYvbVeftiWd99vlovHpx99/Of3vnpb3+b4qOf/kUUgO3dn/3er3feZp9fv/uJ14unq/wnXpLyfPblF1/9Pp8f588/+cnz4zq7+8VPfPp733/5yV1yA1/svH2683udHxSvljs/Tf7ly7s/tbz75u3p3W//3vl358XJ3V/0yU/+xMt7Dz9pzr/7e/+i3+vB/Rc/XRczcj1/Uf7tJy+b3S+vH756+2B5/uT3+sHvM/992ldkIC+Ltz+Z1/l3X/zed+8vn8xfv7wil+nu/N3+05ff3X3yg8nrT1d3H0yv3n6Zffvp5KcvP7l3cPaT5+u7X5yQ01R/++Jy9QnFuk+WB3vn5+31m68Wd39i8oO7x5/X15/fO3mz/+Bsml1+dX73q7Pfa33/7AefXr24/kW7D58u7z08O//pd29+0fn17vnVve9QtP7dbz/8gqLzb//Up7/37/Xw+vPL/Z9+eZAf528fftL+Xpe/1+uHDz//5O7B3nfKd69eHn/+5fQnilff2V2fz++198mFun/3wU8QP07qu1+SSZ/d/aQmx/fuVXbQXp5nS/LFPlncO//k0+z3efnp/OFLEoLFF8fT/U+ePNybPayfvPvy6Q9WX7T3HpCP8MVldUAu9bvL6dvpwSf37j9/eVDszg9+qiC98fCTOqfI6z7FSPv3vrz7E7ufPMi//PLN6yd3d7766clP3//8ank+e3tKKcPsbXvyyYOHv+j1zvMH5/fa5z+xfPv6yxX5+s1y58G3f6/lgsLX3/uT6Zf7367zszdPp/ef7O793pfF6fzeaf38am+H3IkHX5595+Db0/OSbe0vuvf0y4dPnyxOX/zE/RcHP706e3V89+W7J5+Q70UO1t0n1U+dli8/+en7ZCwmd9+8fv1g/6d3LuHL7p1f5fnds/z8/H7+4u5PX997Tf7H8poyp2/Pd19e57O7337zgFyy+6/XT8lBfzYr3n37U7KnX56vqy8OHu7OLpfze2f32UUq67uvyLpSrPjTP/mw/Mmdn/6p7OHvc758ef78OD//vc/h6TyYnL959oBit0+fTh4+W16+e3Bd3r+7hrZZ/94/2P/yk89/8O177erZ/O4nL1/e2999WPzePzjYObl68PDty+UnX/7g3idPy/urZ3fvH/w+zQ8eHr/86S+fEzfsrKYke68ePviJH/w+P5gfzH/6JKep+r1eXu1ld58v736bBjc5mJDy/0Wf/PQlfP38qy+vfvqT5tP1vfsn5fHum+XBT72+++wX3d357uKnnu8U5S/a3d99eXr53csHdbH76bv2kx8cnN1f3D347v7vc/XJm+nxu8UPPvmp2cPXV+dr0LB9c++nv1it7/30m3tvvri8Pn94sLo8WJz93u/23i2+Ov9p0qY/eLj86vd6vv9Tv9e3q7vffvF7wQbs7n/17Z3f+6f37/4+2e/1Yvfs4uCnyQF8/pOf/OBF9fCnHpRffHlJfHr/9zl7+HvdJT/v2+vv/PTdg/rq8+WTp8WrN9mbn3x2cPzq1cunLyef3j+jpMnl/RkF/g/zq+9S4Lj8wf0n7dvJ/O7p/k+3TXNKjEwOxAMKNb+Y7P2iuw/eHsxf5vnLT5ufnN1/+zAnVnt3vlcfn39SNNOHb19kn76kqOzbxLe/aOfpd+f1wZOf/mR1sg97fffdu3fl+f3Z+d3XP/n27ScPKEac3P3O+etX9e9D6pvyFZeL3+fhJw9Opi/K3efXd8vLT8kzefB274Q8VvKBv9j95ORuUzw///QnLigeXRaXO293sp+8u1tlT/ZffvHyXpntvvuKBOfeiwXlFN588ouuf9H5+S+a3D1583tfU87qFzX1J4sfLJ5+tf69iR/Ir3hx+cW7u5+sKcNz+ur17/XpMU31T7x9V1+syc347tUPqpwM2sPiJ/Iqf3v+e937orz3Sf7Td79z8bb5qZOv8uf13Z/46eLd7NUPTq6fA+/lTx0c/N7z75Tn9ezl8yc/WOwvjq9+r7qeHx/vvT0/WBx8Qq796suvFqTWX5//YJfMzDMKYO/df3L6xXdeXp1+5+GTlxSkT5fn36XM0U+SLHznZX3w+YvLq89f3/3JB59PmzdvCOM3d1/uU5zz4Nt79U/+Xtk5TfUn57931u4WP7h7dm/S7v2iT36f108+uXs+aZsHz3+vvfaTi/PX67O7D+od8plfv7v/7veq9g/Kn9iZnp8/mV2ePvjp5c7qyScUeD988+qrSfvqrN2ZfPqTX5x/8vnOT19OfvonPzmngGPn5d7y/GW9m09/en3xe705fv3gp558cXxvr5r/Xt+993s//H1+8rs/9W53Ofty+Xtfzb948Wb2xcWDu83zX3T3XvH0+une5Q8OfrL+5HOKhw9Ozt/u3vucDMI9UhKff+fg8iGlMWbtw9c/uLvf/NQnO9nBGnHB1asfHHzx5VffffLdNw/27x28W14+vP/ycv6q+n2KZ8/evnjzg5+4+M53P997++XDevlkfzr7ZOcXXTXF1U9fzw/Kl3uXP7moH56fH5zks2n26tWXv9fr2U9+++7k/OXF5O7v9Wpy+dO/9+V3fvBw9Z3r7PjTX3Tw6u4Pqs8vnnxV7N09vvfJdHm8e3mfkPp9Jid3KRX58CemT75T3b9XzJ/+FOm52f3zxYM3s4ODB79Xe7nbLn/RLvn+P6iv16+K3/vuzmJ1l3LK65/+5KfK77affPrw/MGLn/q97n7aTu/OmnW5M389g1lry29f71Ja7+6T1fwtpa4mn54tKFex+KL8qd/7VfVmuvy9r9eXL79TX397XlFu6pKSOj/9ev/3uvtu/fDFTzw8efb87oPZ7737ejH75DvPL+aXucQ1O7P2zad39+6dv53cfXn//MHZ5cn69354sHu6vDz4qbvr67v3LyhBR9qSskU0znsP7/6in35I6v3e/fkny5eXOxSuvj2/91OTe7+ovVt+db6YfHqwc/f3Xj54+Pr87v4nTz95s7xHAcz5J9Onn5y//Tb9eve73/4kf/md1+fnFN3effnV+fWUgu27n/6AwD346tsPPinO6x+cP8zOKTX9HGnO87uUHTpfVhTl3399983y5acURx/s/PT5VxT6zn/vTyl7ufrBJ/ndObndB9T1+adnlFwj52Sy/Gp575PJ3UsC92X+g9+H3v/iLuVQH1KUDN/ly9ff+em37V1q/OkBpQSWlEy6/uKAY/gzanf34e91Xt+/+3sRDhQ87393Rej8xJJyTXdXPyC35ODud17ukCf6i17ez8+vD2Rc57vtJ3cpzXpw99UX55ef7n6y+vJg7wez85/6NqXjDlYkHZcHP7lz/9Pf+8X1T3wxP89+ny+f3Lv7g5/8ZEXz+flxu/+dqlkvm9/r8jp/m7+tSUBf/sTz8/2dNrt8RS7cg59c7X9yb++y2n34i5Y/OblX7F3+Xt+efULm/2W2nNX3zqc/8eW3H+5hEeBg9uKcvr7OP/nOT+/84Mvzy3e0XPHpq91ftHqRf7pDiYqf/O7nx/efXc9+752T/df3354udsqDvPmJr05/6qsvrn7R3XV++eq73558e+enLr+T3b2mjHleP9y9//T+3dffbdcUFV2V692T44M9jhU/efWTO5/vvvyUWGb66hc9Ozj/vX7vk8/P9t5cPiweXp0vdj4/oPTS5ytCdI/Se/c+nb3d+0Vlfv70HIsIszfN5d3TT++Sib5arx588t3F2e/1+s3ik8lPf7n/3cnLg+VXzw/gv/7eV/m8qrOL3/s79160O++QJ2ze7T2ofuInP3/97fbprH73k8ef7O98evf8Jx9kn9/9RfvTvW//9PrZef4peU4v32Zkpc8m65+e//Tdy5/44vzdT724+9VP/PSXn7/85N3qpz95+pAWXk7PP3l4/I7odHf/fP3FPiUqP1+83P9k78Ev2p/N9u9Wz376k+/sflLdnf7U8YPVg3s/+PbBT7w53z14OX/67u7x+eVs+vvskAP90+tvT2hAL15OfvBg5+m3D2bU5vTs6sm9yb3Lz7/9aX3vk9eff/vy08XTd7tP890vXl69+mlKBK5f7E9pwSF/+Orp/Vfl9d7vc3b2ez9sn2aXP/1uvfy9Hxb33tR375Vffnf2e71ZIu9SXdx9cnHx9vTLg08+WVxCf/xEfvByfzV7cPblg3bxe//e9x9ePX9HU7d42rym9bxP9l5d/t6X5MDvU+gyO/ni9eXTd093Hn739/nBt3/i9776lPzVF8un+5Nyb2f96vjND/YO3v5e1+t7x9m3kQNqn7x8/unu9cV3fp/m7CdK8rhP7p69/LT69sHbe9c/cfZy8uCipN7fPv3kJ35w/+z0yd2Xk7u/T372+Xevv/1Fcf4JhfNf/j7fPnj66uLtm4PJg/2ieHP/6oQE9he9PLv34gdXd18VXy7326cHBTJML4vTe99++pNPP6mefPrVy+urveMfzI4/OX9Bf3x6/eWL03s/sV6+/iQHrchH+b2vnn7n8qefvvvkzTPyAyZ3P8/erp5/Wj1f3C3yZ89eH9T3X321ODg9+3T9E6SsdtsLWiiiePDe/O3d3/vTyfXu1erJ3dXq7rN7l0REWgP4vb+gdaq97yKPfLn7i/L13dnb3+s79+5d/KJvH5Cj8TmI93Ry797i3qe7k+fPf3D39/p9Pjn/dO/qBwfEyPvg7YOfzs9n+y9+0fruyyekdGty6+cPvkOZ7xcvP2nuXd2vXvzExfPVTvMTF+0nFFtSXubh3u7B+gcvHlzN1tnvQ9PwpriYHfzg93rw+3x+/SXll759eXdJwvuMsj7HO7/PvS8ezJ9wHIy8R371yekx2Yuvii/vUVeURSKH5Xq/Xt+bzX8Cfd6dfVKcfLJXP7z8wUVLLHbwg/uX5KDv01pL9ens3vnTF7/PT3/7OCPWf/aD4rs/uLvX3P3Bd36f706zlweT7Iv5/QPiq1fTF8efPNg/PiHb8snFq1ffPf/y009+n93i3vkP8ksy+t99R/jUn5T39vcoc//wyV0w09Xd/edvLquTH7y9++TLnya7Vfz0yZfzy93s9/7OT37a3Nv9ifNX5M89OFtSUPHJPdKB5N3nddvu7/3Eu+VP7v+i+98+vTr/5BNSKJcPn7W7Ty6++L3OX395Rb74i/Pf5/nDxQNajnzw9ts/2JscP38y//I6u/zO3Z291bc/ff3dxYOX5cMvvvvp8xfffk4rIj/9g9/np/Inl/d+8uon739S7VxcruufePP62/UPiPQ//Xs/uDwn7fTmi/Zh8Yu+fXef6Hw+yX/6uv2EFrFetPc++Slaifu9T2ndlxbHr7MvT37q5OrqcvXizfoHFHic/t6T/EH1U/u/9+eU2v78/O5PUQb8bfPl+svJt59dEvwrUoi7V89/cFAf3/9iejd7ePnVpz99tvvF+uQHnx4ss9031dOD3U+IYb568NOzL/Pf6976zVeTunl599sc2ux/m9fgKKW7/u637+2/mPzeP1m09cFPNuXzvU8mk3tXz77EevTBV+fzg4d3m/vTtvlkNdl/8pMPf/qMfPN9ioG/uKzvvaAltnskMp8c7O78otN3P4UQ6u6T4pOfXH3SrF7OPvn2eTOffTK9rJ+8eNm+qF7/XrRcRCb96tVkcvy2eP3y98p+8vQH3737yXcffPrq1e998FMP3s3Xnzw5pfTKg/O7L6Y/Mdtdf+fsp/bvnb55cP3tYv4AiZB85/Xvc/fu+j6tsd+/vJwuX80ePK1+UfnwwQNi8K9ef/rw+e7dN+3dB6u7T/PJu/UnP3U/mz7PPiUi7t6lpZ3Zp5Qr/cHly7P1g+r3IgP+7AfkpV6eN9/G5995+ODhZPqde7Pfe7m6fn58sHj58uX007tkfOtfRHPyg/xlfo+07INPzx+8mnz65PJumd2dL3/6k0/WP3X57id+cEDz3uZfPrxHa5g/+Mm2bC6vj989OX16/qx98Z0fXNNa7E//YP/yO/ODr6b3vvtTtFp0fvLsnFTLzsEPZt+51/70y/Pr/BnZPUrEv6E5KvOryxf13TfV5cHy/PSLX3R5/nt/Z/G8vFhkL8q2mL/6/Pz4/CfPP/1BfrJ/0dAy3OTTn56cXH+buH7xybd/QF78d08f3vv2+bv524uvTie/9yr/yXcPP/ny5Q++eP7TB7/XBS24z+8+u3z4rri7+ond02+3p88PJp+UV+cVrSl/8vI+2cD9e1enDz7/fSb3n1Csmf/0d/LJ7tPv7L1+R+mrn7x/8RM/Same3U9/Ir+8Ips0+b3f/tTdy+kvWr76yd/n+ievvn3xYGdyfvf3rpc/+OoupWXxy/Ty4OkX9yf3HyyuP60Wz0kPfvr65Q++vHfvoFn8ot+rrSnbN5v+3p989d3Pf+97d2fTd/XBl1892/+JN3ern353/lMn9/euOeY6a84eLsj4PLh6Vzz8iW9/+YPXZ+9Ojr98SkHIT6wW5/d+8OQHP/37PP1Bffdhfff4p+7u/lS92L/7ZvaLyvr17/Ps1Xd+n29/d2dFqnV3tth5nv2i8id+0cnLuz842blbnX337dl6cQ1/YO8F5Sv3n1KwjRzJvd2TZz/9cvH64JPPf2rn1e9dv7ueVNVP7X7SPjmbkV0/Pzle00Ld81+0/92n+/UXu9XV3fqr43c/8XuVl7vLh59/5/Uxxdq/z+n81U/l9/bu/V5Vuzr+6tX5T3x+elLvHvxg/wc/dferX/QTLy4v771Yf/7dxXr9i84/uf+d3U+/XDzIJg9Ods7mX62eLj9pru8+eXp59yfLT99RboTCsu+8OXhKwR/5i6+qySfvJj/x1d5dyuydfJL9XvcOXn1yMfv8VXF5vbwsX39+d2fnwcW3D9rfe/mdxZKysg+eTc9enH+5OP19Tu5+Tg7371Pv/T73X/7ez+uT7CdfX1/+5NPf5+HTxctP7jXrh0+Oq/mDg9/r8vh+fvCG0sTH92cvz5+u7n7y6vL5qrz/5fkPflHe7nz5ky8/oTWih7TQtd/cPSAbQqqG0m2f3L/7lta1iJblJ7QIRT76tz+5XJ6vCO0X5/cO1ucPiLXvl5/85PIX3bu+fEhrbyvyiV+ePyBf/yH5ugd3Xy93Lz+lBa23B6fnn37y3U/evrxHHvWEFp6/XL58ufPu7oNF8eBy5/Lu3eZy56fukgs/ufji25f1/d+bfPm7P/jBw/Pf6/e5+9X+l+e02PXyU6zlv3xwQBkg8uVJjZD7/slPHPxUXhT5lOKO/JP65b0dWs5bZOSb3/384MvzFent5+fVvbufLu7uv7uHXBEtr2Zv7x605/fvkR4oKU/2+1xSxug7v+jufTLVxHdvvmre3aXU3P3s4fH+p9nB3U+/+qR4+O6753c/WZ2//c4nd3/68sHDy0+A/70Hdx/c26VVtvLlFSXxaRXpcqekuAexB60UUOzx5PLp/vwnTskjWZMDeffz/PkPPvmJu5+8u/zk7uX8935+/zv3PqGlrp3V3d/7p39AAd9P81oc5chqWitvSWHunX/6KfV1/sn5Jfm9pBif3v10fvf+T1Ma7N5P36V1jftv5k+mv/e7XzSd1tD508m7L3YPLg++nS1evFh9Uhb33r3anc1Wi+/OLnfuLb+7evGTO+tf9ICWi3/qy6v8/uX9enm+Pvv26s3r6VfX9d3yxf1q5xfdffHty3vfPnnwapV99Yt+b1qR3Pm9d84uHixIeF79VNV++lNfNpfNxbP58x+8uJv9xJtpeZV9QhkbyvmUtJR98OLV8efFt3/v45/65Ort4gd3v1MevFi2q+byp548ffmLJrPz/Yfn+78P5c5e/qC+//s8uPvw07vXRI/Z5cHp7O79h+f3q/t3D578opPvnL/9fc7vPv/2+aqiIIhckL0Hd199m5ZLKd9+9yGFN9UP7n56/d0DWpHeffgJxeyL+/UBZZgbss71y7uTe3e/vPfJp1/ePfjJ5d2dtw8PviSN9rQ+f3h1l8R9fpfY9OknxDY/dffB8/M3L+9WDz79ve/uXzyk5YW7PyCVSX2vKa49PjifTR6QTj1fYfW+fnP30y93L+/u/8QnJz+5fPh670uKHj+n1a7Z3fyT7Mu7zd0vzu/+oqeT5iKnvMGn3z64v3P3YdtQnPjq3tPLB0+/vfMm//SLLxe0ujK/+yXprvPJ5Sdf0bgpcn167+AnzvcvP/3kK1qEfXiXNPn1ktYt794vzz/Ze0jLQb/3AdYc717dpVUsQu3q/t37P+CV3KfvJnc//fbd5su7exRhfJut/r27e78XvbO4S7kPWuD+vQ+eZud369ffvrz/6cXdh3Oi/+wBOV93d2ltdOfuJyQPPyAkX14td+4e7ORExbsPP3/45bPPd0kt3d15Q4OizNb5J69278JQvrp7QEvMTyi4pRwUJTUvyVMmLv/kHqU1X959/eDuT5OSubz77su7Pyh+772XD7+NvOdditK/Q04LFtfPaez1t+/uPLl7QAvIB1hoJhtNpM8JYfqMhPv+7/USq1A7D+7SdH7x7bsn335AyZtPfvr83d5P3G0pfvj2V/ndn35BeNIrD+4ekNtY/d6frF++vLy/u1dSRuvu3pv18t7x8SVl2B9+/vI1wX129/e+os9/n4cvT759fjl5/uk0v2ymP0UOy7fvvnpOqfgHd5d37z6r6yUtud59MyGolweUvNqlNRAySjvv7t2ltfhPf/oSftiLZ5eU66ZsPo17/9tfTO7+om//3vOT7+6+pKWBn7pb3d//hKbm7tv9u7/o3ie/18NPvrr7iyYXPzW/vNv+9Pni9PQnpqQoL+825B6+IMr9BE3y3Ye0jNycn798c3mwP6VgjVLm90jyydmefUkLtXd359Xv9RO0FneelXcPmsndd+c7r2mi5nc//SmotP2Hn1wufu/9i4OrB6TO3t3dpyk9vvvTvxfx+Mu7xPP7LwkuOUSXT37vy6und999++Hd6dvLTz59eXlMC/Z3PyHP+opWWfKf3nt6d5d0LPFueZc08SeT35tSM3fnu5+Q3qKFtfNPqsnBV783eW3zT36a6PT70AdffEKLPpev1i+a831yTsuWVs9IYX/+ycuz80/Wuy8pH5Rd3n1w9+6DB1fPvvPgcpcW/V5c0mw+3P3phz/45Ky9+9Nv7jbf3lvdnd9/+OVdyhp9cT558Ql5Oec0L9c5Gc3p+Sc/eQ+88enk7U+8vNonPv4O5Qxe3i3uXjy5+/zibv0Cawjf+b3md38vWsh/d/c+iXxxd++TB6DVpz/96f1PLqDMaCB31wXF28Xd9cVPUSRwckK5qU8+WR5QAqn99t2DB5QHv/sJGbn71b1PHpx/8vz3fnI+R+zy8BUxK8Z79/zB5Q/uFsVPEzzSC/doTkGoh9++9+kPiIvuVU/P7+59G/JFbvb6p88/XZ4/+H32FsU9yrrRHJx/QsnVT2AqZg8v7r65/IJyOXc/fTG9OL188JYcr8nd7/6ixX72kMwYEf8eLT/cfUW68O7dvZ0ZGPuK5pbWiMjW/TRFcg8e3iUT8SktLH1Ci0qvrsmG7L6++ynJIrHpJfEYrcH/ItIL+b3f+/KalpoK8jZfrh/c/cmMxvqS4pXz75As13fr55jvA2KBy4ffJf75waflyyXyEnsvSZ98svfs7nJGA/1Fb+4Wz3d+72ta06OV+SeEz+ynv/Py4O3V+endTyjzWJKuPqewFvHe/X2aZVrNWdL6wadEPxpLTfApdUjzv/NlcW9OmWRYNSSMSJf8ov1zohDx+8H5Jy8oA1ff/b2/fZeU8oPntBpOY758+BbDfkj2b+9y5/VP/z6zd59c3J/dff7yAS0nPSh/77vEZw9p

Targets

    • Target

      Image-8646-ZP.jpg.lnk

    • Size

      1KB

    • MD5

      e163fbce2507c89a106c8ad001dc099a

    • SHA1

      afd8e902f55dbefcfa4afa30c95ce49b2daef6aa

    • SHA256

      61e88158da4636ab0c11db75e376f42e11a02ebe0387223934fb10944b52794f

    • SHA512

      a6dc129fd6cfc820461b29c3b9c35539f7bd45e67a383c1cb8c9a437509046edac793dd6b134a379b3be1768dc3daba0ea5d914be5624a4c10a4402d32d99b82

    Score
    10/10
    ryukpersistenceransomware

    • Ryuk

      Ransomware distributed via existing botnets, often Trickbot or Emotet.

      ransomwareryuk

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

3
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks