General

  • Target

    2024-02-13_56ae399b4310cd2259d3e029973600e5_ryuk

  • Size

    12.6MB

  • MD5

    56ae399b4310cd2259d3e029973600e5

  • SHA1

    97b66e5782f8cb80854cdce5af0e2b3a31cd984b

  • SHA256

    8a526c422298feebea9767dd857ce2b3b92b450a894bb3e81cef1fb67c373f0d

  • SHA512

    af4ab00f946dfe9fb901a94dab79e1ff91a319238124e5ae7ebee345f91ecb63a0e574992530772c02ba8f656f0c3ea2ef4f354fab4dad028b3b6e2c41da56dc

  • SSDEEP

    196608:0LX8SiCGurDz5o/VP7TyT8xw3y0Kl2OCxnScNB1y0oS:0r78urDz5o/xT1wi0U2bxBg03

Score
10/10

Malware Config

Signatures

  • Detects executables packed with Dotfuscator 1 IoCs
  • Detects executables packed with SmartAssembly 1 IoCs
  • Detects executables packed with Yano Obfuscator 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-02-13_56ae399b4310cd2259d3e029973600e5_ryuk
    .exe windows:5 windows x64 arch:x64

    15b0d359b0d004363a1c9a125be29113


    Headers

    Imports

    Exports

    Sections