469524f86ccd37892dc49f7f11e43f25b10d96e196a15a673bdbc2f64e0d3ccb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-12_6c56ef49ab649a4cde50ac66112feed2_ryuk
Size

55.7MB
Sample

240212-p6bwbaff45
MD5

6c56ef49ab649a4cde50ac66112feed2
SHA1

50e80b1a8bf5f5387d37e704f1d330d5ef390b65
SHA256

469524f86ccd37892dc49f7f11e43f25b10d96e196a15a673bdbc2f64e0d3ccb
SHA512

3f5b2a85a08a5994b31019ad940809d1417e0ffbbb58c9c8fe64c25fbe59966cd035124dfbbe3902ec0bcc50dc55c6ce2914324cc206a3460cbaf7fa607c3061
SSDEEP

1572864:+10G/gK4o7B2VdNJEX03SU0WYbeJEQs9usdrUco3H:0342BcdN2bU0tAEQsoIU

Score

7^/10

Malware Config

Targets

- Target
  
  2024-02-12_6c56ef49ab649a4cde50ac66112feed2_ryuk
- Size
  
  55.7MB
- MD5
  
  6c56ef49ab649a4cde50ac66112feed2
- SHA1
  
  50e80b1a8bf5f5387d37e704f1d330d5ef390b65
- SHA256
  
  469524f86ccd37892dc49f7f11e43f25b10d96e196a15a673bdbc2f64e0d3ccb
- SHA512
  
  3f5b2a85a08a5994b31019ad940809d1417e0ffbbb58c9c8fe64c25fbe59966cd035124dfbbe3902ec0bcc50dc55c6ce2914324cc206a3460cbaf7fa607c3061
- SSDEEP
  
  1572864:+10G/gK4o7B2VdNJEX03SU0WYbeJEQs9usdrUco3H:0342BcdN2bU0tAEQsoIU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2