ryuk | 4e374f86295c56c4c0d57b134d9035377b0d17b6fe418fd790cdfb3f7a9d03b5

General

Target

8398b1f229e0d80c65e262ae92085a90
Size

1KB
Sample

231219-x5ke3aeff5
MD5

8398b1f229e0d80c65e262ae92085a90
SHA1

5142f7b7f9dc13ac8a07eac6e1240efa84e3bc8d
SHA256

4e374f86295c56c4c0d57b134d9035377b0d17b6fe418fd790cdfb3f7a9d03b5
SHA512

113b51cb8fcbc1c61161434948aa0297ce2ce889100ab1827d1a7d0a76e65d99e97d590b43911b450cc931ec4517affe26860af072e967294656d9e7e83ee687

Score

10^/10

ryuk ransomware

Malware Config

Extracted

Family

ryuk

Ransom Note

contact balance of shadow universe Ryuk $password = 'N2QvTsXamJ'; $torlink = 'http://zq6gyokyso6dgsxitjuk2tkq2rl4saq4tkz2idcf6z3tfondtvemshad.onion'; function info(){alert("INSTRUCTION:\r\n1. Download tor browser.\r\n2. Open link through tor browser: " + $torlink + "\r\n3. Fill the form, your password: "+ $password +"\r\nWe will contact you shortly.\r\nAlways send files for test decryption.");};

URLs

http://zq6gyokyso6dgsxitjuk2tkq2rl4saq4tkz2idcf6z3tfondtvemshad.onion

Targets

- Target
  
  8398b1f229e0d80c65e262ae92085a90
- Size
  
  1KB
- MD5
  
  8398b1f229e0d80c65e262ae92085a90
- SHA1
  
  5142f7b7f9dc13ac8a07eac6e1240efa84e3bc8d
- SHA256
  
  4e374f86295c56c4c0d57b134d9035377b0d17b6fe418fd790cdfb3f7a9d03b5
- SHA512
  
  113b51cb8fcbc1c61161434948aa0297ce2ce889100ab1827d1a7d0a76e65d99e97d590b43911b450cc931ec4517affe26860af072e967294656d9e7e83ee687
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2