General
-
Target
2024-04-03_f20e6b22d8e4d9df82aceec26a12aa5f_ryuk
-
Size
1.8MB
-
Sample
240403-mln9sscf34
-
MD5
f20e6b22d8e4d9df82aceec26a12aa5f
-
SHA1
5314aae0a4db009eeee53b76c5817e21a65777b2
-
SHA256
e8120cca3243174642aa8c527b2377553aed137547288cfb8079f1ed540b6b59
-
SHA512
4536123e2b8a7c2f9b29626bed7cd0b90f72a4d51256dbd3ae248656b24a5bc140b97ad5a2fad522cdcc13443cbec7a9fbc219fa603a4ab0d9e8ea3cb4fb418d
-
SSDEEP
49152:RKfuPS3ELNjV7IZxEfOfOgwf0FgDUYmvFur31yAipQCtXxc0H:Sm9sZxwgkU7dG1yfpVBlH
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-03_f20e6b22d8e4d9df82aceec26a12aa5f_ryuk.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-04-03_f20e6b22d8e4d9df82aceec26a12aa5f_ryuk
-
Size
1.8MB
-
MD5
f20e6b22d8e4d9df82aceec26a12aa5f
-
SHA1
5314aae0a4db009eeee53b76c5817e21a65777b2
-
SHA256
e8120cca3243174642aa8c527b2377553aed137547288cfb8079f1ed540b6b59
-
SHA512
4536123e2b8a7c2f9b29626bed7cd0b90f72a4d51256dbd3ae248656b24a5bc140b97ad5a2fad522cdcc13443cbec7a9fbc219fa603a4ab0d9e8ea3cb4fb418d
-
SSDEEP
49152:RKfuPS3ELNjV7IZxEfOfOgwf0FgDUYmvFur31yAipQCtXxc0H:Sm9sZxwgkU7dG1yfpVBlH
-
Detects executables containing bas64 encoded gzip files
-
Executes dropped EXE
-
Drops file in System32 directory
-