General

  • Target

    RyukReadMe.html

  • Size

    926B

  • Sample

    220620-gscxfsage2

  • MD5

    d0ebedd837996de3c556e5afe8e2c38e

  • SHA1

    caa2ea6a2c8bca6503bba961367cdb2146c1c52b

  • SHA256

    2a8e6b92f2530de4760aff174f6a4cbc5fad373b230208306f2571b5ba488727

  • SHA512

    d6e8c7ecc5227c821bb1979ebff08a8e860072f9e305b6ba912d54123f5e009ae131a6575f646a8a5fa7da272822f3d085e6d7bb344f973d0844680d52c4e19c

Score
10/10

Malware Config

Targets

    • Target

      RyukReadMe.html

    Score
    10/10
    • Ryuk

      Ransomware distributed via existing botnets, often Trickbot or Emotet.

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

Modify Registry

1
T1112

Tasks