C:\Project\AlgorithmTeamProject\Build\Tools\TopN\Release\TopN64.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-08_7c48d694b58d75d001f928fbfb04bea2_ryuk.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-03-08_7c48d694b58d75d001f928fbfb04bea2_ryuk.exe
Resource: win10v2004-20240226-en
General
Target: 2024-03-08_7c48d694b58d75d001f928fbfb04bea2_ryuk
Size: 2.8MB
MD5: 7c48d694b58d75d001f928fbfb04bea2
SHA1: 220963bef0f19ad7722fe08861b627524ed8f1fa
SHA256: 4e4e9f866b5b21d1e9804ef6912df944258fc184fd1afb4b5d54226ae8694b21
SHA512: 56b72bff5575927714dcbb25b4b13ebf017df92b8424b5e2966727b74a8b6da97c1aa45ba3ac23d573589711d2435808e416766c5960c678c78b7e4b98068830
SSDEEP: 49152:Hot0X0iq31yUPIxsZBXB+nBIxngS0V+wEO9qKhwqXGcnC04SPgBW1+:I2JUdZsVSlS5XGcnCu1
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 2024-03-08_7c48d694b58d75d001f928fbfb04bea2_ryuk
Files
-
2024-03-08_7c48d694b58d75d001f928fbfb04bea2_ryuk.exe windows:6 windows x64 arch:x64
e21b055c0b549cad9476cd1dfc78b5f0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
ippcore-7.0
ippGetNumCoresOnDie
ippSetNumThreads
algorithm64
?addFrameData@CAlgSlideProcessor@@QEAAHAEBVCAlgFrameResults@@AEBVCAlgFrameContext@@@Z
?getSlideFeedback@CAlgSlideProcessor@@QEAA?AVCAlgSlideFeedback@@XZ
?addCellSpotBoundaryChordLimit@CAlgSlideProcessor@@QEAAXHHH@Z
?generateFOIs@CAlgSlideProcessor@@QEAAHXZ
?getFOIs@CAlgSlideProcessor@@QEAA?AVCSlideLocations@@XZ
?performEndOfSlideChecks@CAlgSlideProcessor@@QEAAHXZ
??0BackgroundCorrectionLookup@@QEAA@XZ
?getRegionImage@RegionData@@QEBAAEBV?$TAlgImage@H@@H@Z
??0INIFileReader@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1INIFileReader@@QEAA@XZ
?Integer@INIFileReader@@QEAAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?Double@INIFileReader@@QEAANAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@N@Z
?String@INIFileReader@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBV23@H@Z
?compareC@?$TIPPImage@H@@QEBAXHAEAV?$TIPPImage@E@@W4IppCmpOp@@@Z
??0?$TImage@E@@QEAA@XZ
??1?$TImage@E@@QEAA@XZ
?getWidth@?$TImage@E@@QEBAHXZ
?getHeight@?$TImage@E@@QEBAHXZ
?writeToDisk@?$TImage@E@@QEBA_NPEBD_N@Z
??0?$TAlgImage@E@@QEAA@XZ
??0?$TAlgImage@E@@QEAA@HH@Z
??1?$TAlgImage@E@@QEAA@XZ
?applyBGCorrection@?$TAlgImage@E@@QEAAXAEAVBackgroundCorrectionLookup@@AEBV1@@Z
?readFromDiskWithRetry@?$TAlgImage@E@@QEAA?AU?$pair@_NH@std@@PEBDHH@Z
??0RegionSet@@QEAA@XZ
??1RegionSet@@QEAA@XZ
??0SegmentSingles@@QEAA@XZ
??1SegmentSingles@@UEAA@XZ
?segment@SegmentSingles@@QEAAXAEBV?$TAlgImage@E@@AEAVRegionSet@@@Z
??0SegmentClusters@@QEAA@XZ
??1SegmentClusters@@UEAA@XZ
?segment@SegmentClusters@@QEAAXAEBV?$TAlgImage@E@@AEAVRegionSet@@1PEAVClusterAlgOptions@1@@Z
??1CAlgFrameResults@@QEAA@XZ
??0OOIData@CAlgFrameResults@@QEAA@XZ
??0CAlgFrameProcessor@@QEAA@H_N@Z
??1CAlgFrameProcessor@@QEAA@XZ
?loadBlankImage@CAlgFrameProcessor@@QEAA_NAEAV?$TImage@E@@@Z
?processFrame@CAlgFrameProcessor@@QEAA?AV?$shared_ptr@V?$vector@UOBJLOC@@V?$allocator@UOBJLOC@@@std@@@std@@@std@@AEBV?$TImage@E@@AEBVCAlgFrameContext@@AEBVCAlgSlideFeedback@@AEAVCAlgFrameResults@@AEA_N@Z
?resetObjectRecording@CAlgFrameProcessor@@QEAAXXZ
?setObjectRecording@CAlgFrameProcessor@@QEAAX_N@Z
?dumpObjectRecording@CAlgFrameProcessor@@QEBAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CAlgSlideProcessor@@QEAA@XZ
??1CAlgSlideProcessor@@QEAA@XZ
??0CAlgFrameResults@@QEAA@XZ
?clearAll@CAlgSlideProcessor@@QEAAXXZ
kernel32
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
Sleep
SearchPathA
GetProfileIntA
GetTickCount
GetTempFileNameA
GetTempPathA
IsDebuggerPresent
CreateFileW
VerSetConditionMask
GetWindowsDirectoryA
FindResourceExW
lstrcpyA
GetACP
GetCurrentDirectoryA
GetCPInfo
GetOEMCP
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetVersionExA
GlobalFindAtomA
FindResourceA
lstrcmpW
GetStartupInfoW
VerifyVersionInfoA
GetSystemTimeAsFileTime
OutputDebugStringW
LCMapStringW
GetStringTypeW
RtlPcToFileHeader
RtlUnwindEx
GetSystemInfo
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
GetCommandLineA
GetCommandLineW
ExitProcess
GetStdHandle
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateDirectoryW
GetTimeZoneInformation
ReadConsoleW
GetDriveTypeW
FindFirstFileExA
IsValidCodePage
GlobalDeleteAtom
LoadLibraryExW
FreeResource
GetSystemDirectoryW
EncodePointer
GlobalFlags
FreeLibrary
GlobalAddAtomA
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
SetEvent
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
GlobalGetAtomNameA
lstrcmpA
CompareStringA
GetModuleHandleW
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
OutputDebugStringA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetProcAddress
GetModuleHandleA
CloseHandle
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
CreateFileA
MultiByteToWideChar
FormatMessageA
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
WideCharToMultiByte
CopyFileA
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesA
SetEnvironmentVariableA
GetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
GetCurrentDirectoryW
InitializeSListHead
user32
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
SetRect
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongPtrA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetKeyNameTextA
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
LoadImageA
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
TrackMouseEvent
InvalidateRect
ModifyMenuA
SetTimer
DeleteMenu
SetCursor
ShowOwnedPopups
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
OffsetRect
SetRectEmpty
CopyImage
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
PostQuitMessage
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
GetTopWindow
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetClientRect
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
PostMessageA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
KillTimer
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowLongA
SendDlgItemMessageA
CheckDlgButton
GetDlgItem
SetWindowPos
MoveWindow
ShowWindow
IsWindow
GetScrollPos
SetScrollPos
SetFocus
RealChildWindowFromPoint
GetWindow
GetClassNameA
GetDesktopWindow
ClientToScreen
GetWindowRect
SetWindowTextA
GetFocus
GetDlgCtrlID
DestroyIcon
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
CharUpperA
GetWindowTextLengthA
GetWindowTextA
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
MessageBoxA
IsWindowEnabled
EnableWindow
SendMessageA
UnhookWindowsHookEx
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
PtInRect
LoadImageW
gdi32
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
ExtTextOutA
GetTextMetricsA
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
TextOutA
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetTextAlign
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetTextColor
MoveToEx
GetObjectA
RealizePalette
GetTextExtentPoint32A
CreateCompatibleDC
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
DeleteDC
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteObject
BitBlt
CreateBitmap
msimg32
AlphaBlend
TransparentBlt
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
shell32
SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoA
DragFinish
DragQueryFileA
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
StrFormatKBSizeA
uxtheme
CloseThemeData
GetThemeColor
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
DrawThemeBackground
GetCurrentThemeName
ole32
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateInstance
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SysFreeString
SysAllocString
VariantInit
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
LoadTypeLi
SysAllocStringByteLen
gdiplus
GdipAlloc
GdipCreateBitmapFromScan0
GdipFree
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 657KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 59KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ