2024-02-04_1f4095ef2af54c5be7831285c50d80c5_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-04_1f4095ef2af54c5be7831285c50d80c5_ryuk
Size

332KB
MD5

1f4095ef2af54c5be7831285c50d80c5
SHA1

17a8e476d49f4554df62acb67d0b2b3bb5587271
SHA256

edc6d862139cdb183eba88246d058a0ecb7f27764abcd505545f7c18662d1a43
SHA512

b137916c07df24ed042697adb80266931e57eed2a9ddbb64f87dd3b71b7b217e65c763ca15d101d1896bbffc58ef46cd09bbaf83971904705f8ee6cb8cdfa397
SSDEEP

6144:c+RNYFVE+cPyfq+S8QN1uNjZwlm6ZhxDohqxX51qn3:vRUVR8A1dNOhxDoQxi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-02-04_1f4095ef2af54c5be7831285c50d80c5_ryuk

Files

2024-02-04_1f4095ef2af54c5be7831285c50d80c5_ryuk
.exe windows:6 windows x64 arch:x64

c6bb7bf70f1922a8972bdb948e24cb14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

sutil_sdk

?loadMesh@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAUOptiXMesh@@AEBV?$Matrix@$03$03@optix@@@Z
?rotate@Arcball@sutil@@QEBA?AV?$Matrix@$03$03@optix@@AEBUfloat2@4@0@Z
??0Arcball@sutil@@QEAA@XZ
?ensureMinimumSize@sutil@@YAXAEAI0@Z
?getPtxString@sutil@@YAPEBDPEBD0PEAPEBD@Z
?currentTime@sutil@@YANXZ
?calculateCameraVariables@sutil@@YAXUfloat3@optix@@00MMAEAU23@11_N@Z
?displayFps@sutil@@YAXI@Z
?displayBufferGL@sutil@@YAXV?$Handle@VBufferObj@optix@@@optix@@W4bufferPixelFormat@@_N@Z
?displayBufferPPM@sutil@@YAXPEBDV?$Handle@VBufferObj@optix@@@optix@@_N@Z
?resizeBuffer@sutil@@YAXV?$Handle@VBufferObj@optix@@@optix@@II@Z
?createOutputBuffer@sutil@@YA?AV?$Handle@VBufferObj@optix@@@optix@@V?$Handle@VContextObj@optix@@@3@W4RTformat@@II_N@Z
?samplesDir@sutil@@YAPEBDXZ
?handleError@sutil@@YAXPEAURTcontext_api@@W4RTresult@@PEBDH@Z
?reportErrorMessage@sutil@@YAXPEBD@Z
glewInit

optix.51

rtBufferUnmapEx
rtBufferMapEx
rtBufferGetSize1D
rtBufferSetSize1D
rtBufferSetElementSize
rtBufferSetFormat
rtBufferGetContext
rtBufferValidate
rtBufferDestroy
rtBufferCreate
rtGeometryGetVariable
rtGeometryGetVariableCount
rtGeometryRemoveVariable
rtGeometryQueryVariable
rtGeometryDeclareVariable
rtGeometryGetContext
rtGeometryValidate
rtGeometryDestroy
rtGeometryInstanceGetGeometry
rtAccelerationMarkDirty
rtAccelerationSetBuilder
rtAccelerationGetContext
rtAccelerationValidate
rtAccelerationDestroy
rtAccelerationCreate
rtGeometryGroupSetChild
rtGeometryGroupGetChildCount
rtGeometryGroupSetChildCount
rtGeometryGroupGetAcceleration
rtGeometryGroupSetAcceleration
rtGeometryGroupGetContext
rtGeometryGroupValidate
rtGeometryGroupDestroy
rtGeometryGroupCreate
rtTransformSetChild
rtTransformSetMatrix
rtTransformGetContext
rtTransformValidate
rtTransformDestroy
rtTransformCreate
rtGroupSetChild
rtGroupGetChildCount
rtGroupSetChildCount
rtGroupGetAcceleration
rtGroupSetAcceleration
rtGroupGetContext
rtGroupValidate
rtGroupDestroy
rtGroupCreate
rtProgramGetVariable
rtProgramGetVariableCount
rtProgramRemoveVariable
rtProgramQueryVariable
rtProgramDeclareVariable
rtProgramGetContext
rtProgramValidate
rtProgramDestroy
rtProgramCreateFromPTXString
rtContextGetVariable
rtContextGetVariableCount
rtContextRemoveVariable
rtContextQueryVariable
rtContextDeclareVariable
rtContextLaunch2D
rtContextSetMissProgram
rtContextSetRayTypeCount
rtContextSetExceptionProgram
rtContextSetRayGenerationProgram
rtContextSetEntryPointCount
rtContextSetStackSize
rtContextGetErrorString
rtContextValidate
rtContextDestroy
rtContextCreate
rtVariableGetContext
rtVariableGetObject
rtVariableSetObject
rtVariableSet1ui
rtVariableSet1i
rtVariableSet3fv
rtVariableSet3f
rtVariableSet1f

freeglut

glutInitDisplayMode
glutMainLoop
glutReshapeWindow
glutShowWindow
glutHideWindow
glutPostRedisplay
glutSwapBuffers
glutInitWindowSize
glutKeyboardFunc
glutReshapeFunc
glutDisplayFunc
glutMouseFunc
glutMotionFunc
__glutInitWithExit
__glutCreateWindowWithExit
glutCloseFunc
glutInitWindowPosition
glutIdleFunc

opengl32

glViewport
glOrtho
glLoadIdentity
glMatrixMode

kernel32

WriteConsoleW
CreateFileW
HeapSize
ReadConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetACP
GetCommandLineW
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapAlloc
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
GetLastError
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6bb7bf70f1922a8972bdb948e24cb14

Headers

DLL Characteristics

File Characteristics

Imports

sutil_sdk

optix.51

freeglut

opengl32

kernel32

Sections

.text Size: 185KB - Virtual size: 184KB

.rdata Size: 100KB - Virtual size: 100KB

.data Size: 5KB - Virtual size: 11KB

.pdata Size: 10KB - Virtual size: 9KB

.gfids Size: 1024B - Virtual size: 548B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 185KB - Virtual size: 184KB

.rdata
Size: 100KB - Virtual size: 100KB

.data
Size: 5KB - Virtual size: 11KB

.pdata
Size: 10KB - Virtual size: 9KB

.gfids
Size: 1024B - Virtual size: 548B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 4KB - Virtual size: 3KB