General
Target: 2024-04-04_8443989860e6fa05d878b6f71c629805_ryuk
Size: 1.6MB
Sample: 240404-bpghksah36
MD5: 8443989860e6fa05d878b6f71c629805
SHA1: dc5a6ff1281ab458a2a6ba954d5a122895df0624
SHA256: f9e4f2c7c23d5dd71cc8a3c49fd48cb1ab5316a929b9a0bd4a52e17f2fee758b
SHA512: 6c084bb22dc752943ba7ce5b2131ad9c2aaa58dff4bcf78d332e0d36a95a95c4c39179319da30a0ad5303f41b74a6c7ea0f4390abe5dc0e29feac3d30a21cc6d
SSDEEP: 49152:Do4o2O9f65YTz7jGnD3D121zsaxEKWMXz/qIFI2t7:DTMwrMfWMXOIG2t7
Behavioral task: behavioral1
Sample: 2024-04-04_8443989860e6fa05d878b6f71c629805_ryuk.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-04_8443989860e6fa05d878b6f71c629805_ryuk.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.1.25:4444
Targets
Target: 2024-04-04_8443989860e6fa05d878b6f71c629805_ryuk
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.