General

  • Target

    2024-02-17_fba034cb2ee768fb4ff42cb71464980b_ryuk

  • Size

    170KB

  • MD5

    fba034cb2ee768fb4ff42cb71464980b

  • SHA1

    7d7746b8c124621994c4d1a448234c005fa860df

  • SHA256

    a032bc2be51f6a445d671a04d5fd081efb4514105f97545b3222d39666aa787e

  • SHA512

    d6b8556191e009e1d279e11a90296eafee0609238867b7a2ffdb180a448e0d81e447c0c03498f35a067da03a97a5c07337e1c333a57e116f64b4b1d8d1e1c694

  • SSDEEP

    3072:2HeriftL/WSo1vDb53j/8WGUzaqVh4LI8zQpnA:2+rA/WSo1rl3ALrlHQpnA

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-02-17_fba034cb2ee768fb4ff42cb71464980b_ryuk
    .exe windows:5 windows x64 arch:x64

    21de032c4f956048aee1e04ac102bfbd

