ryuk | a57a857e358441ef078a5dc4c3dd7d81f4a4c096925470313df35eb60c027d43

General

Target

6ad481f315f2ca646f0677e0b0890a6f
Size

1KB
Sample

231222-fj9pdshdg8
MD5

6ad481f315f2ca646f0677e0b0890a6f
SHA1

1a7ca2838ab7fb3916c47ea45ca6a8c14a70206b
SHA256

a57a857e358441ef078a5dc4c3dd7d81f4a4c096925470313df35eb60c027d43
SHA512

b71a3e586b3b865857203196dbb7cbc0a6826a60f092aa8af5c3b72545ea1973f2c26515c85237d1d6ced0d206340a25cfca1b208d7b170cac8055c242fa146f

Score

10^/10

ryuk ransomware

Malware Config

Extracted

Family

ryuk

Ransom Note

contact balance of shadow universe Ryuk $password = 'PuzY4wR0ylL'; $torlink = 'http://x6jpmpx64uhryco5m3ydplxxiegz4lhl53pqro2vod3od46ythvw2iad.onion'; function info(){alert("INSTRUCTION:\r\n1. Download tor browser.\r\n2. Open link through tor browser: " + $torlink + "\r\n3. Fill the form, your password: "+ $password +"\r\nWe will contact you shortly.\r\nAlways send files for test decryption.");};

URLs

http://x6jpmpx64uhryco5m3ydplxxiegz4lhl53pqro2vod3od46ythvw2iad.onion

Targets

- Target
  
  6ad481f315f2ca646f0677e0b0890a6f
- Size
  
  1KB
- MD5
  
  6ad481f315f2ca646f0677e0b0890a6f
- SHA1
  
  1a7ca2838ab7fb3916c47ea45ca6a8c14a70206b
- SHA256
  
  a57a857e358441ef078a5dc4c3dd7d81f4a4c096925470313df35eb60c027d43
- SHA512
  
  b71a3e586b3b865857203196dbb7cbc0a6826a60f092aa8af5c3b72545ea1973f2c26515c85237d1d6ced0d206340a25cfca1b208d7b170cac8055c242fa146f
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2