Overview

overview

10

Static

static

10

8398b1f229...0.html

windows7-x64

1

8398b1f229...0.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8398b1f229e0d80c65e262ae92085a90

  • Size

    1KB

  • Sample

    231219-x5ke3aeff5

  • MD5

    8398b1f229e0d80c65e262ae92085a90

  • SHA1

    5142f7b7f9dc13ac8a07eac6e1240efa84e3bc8d

  • SHA256

    4e374f86295c56c4c0d57b134d9035377b0d17b6fe418fd790cdfb3f7a9d03b5

  • SHA512

    113b51cb8fcbc1c61161434948aa0297ce2ce889100ab1827d1a7d0a76e65d99e97d590b43911b450cc931ec4517affe26860af072e967294656d9e7e83ee687

Score
10/10
ryukransomware

Malware Config

Extracted

Family

ryuk

Ransom Note
contact balance of shadow universe Ryuk $password = 'N2QvTsXamJ'; $torlink = 'http://zq6gyokyso6dgsxitjuk2tkq2rl4saq4tkz2idcf6z3tfondtvemshad.onion'; function info(){alert("INSTRUCTION:\r\n1. Download tor browser.\r\n2. Open link through tor browser: " + $torlink + "\r\n3. Fill the form, your password: "+ $password +"\r\nWe will contact you shortly.\r\nAlways send files for test decryption.");};
URLs

http://zq6gyokyso6dgsxitjuk2tkq2rl4saq4tkz2idcf6z3tfondtvemshad.onion

Targets

    • Target

      8398b1f229e0d80c65e262ae92085a90

    • Size

      1KB

    • MD5

      8398b1f229e0d80c65e262ae92085a90

    • SHA1

      5142f7b7f9dc13ac8a07eac6e1240efa84e3bc8d

    • SHA256

      4e374f86295c56c4c0d57b134d9035377b0d17b6fe418fd790cdfb3f7a9d03b5

    • SHA512

      113b51cb8fcbc1c61161434948aa0297ce2ce889100ab1827d1a7d0a76e65d99e97d590b43911b450cc931ec4517affe26860af072e967294656d9e7e83ee687

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks