General

  • Target

    2024-04-04_8443989860e6fa05d878b6f71c629805_ryuk

  • Size

    1.6MB

  • Sample

    240404-bpghksah36

  • MD5

    8443989860e6fa05d878b6f71c629805

  • SHA1

    dc5a6ff1281ab458a2a6ba954d5a122895df0624

  • SHA256

    f9e4f2c7c23d5dd71cc8a3c49fd48cb1ab5316a929b9a0bd4a52e17f2fee758b

  • SHA512

    6c084bb22dc752943ba7ce5b2131ad9c2aaa58dff4bcf78d332e0d36a95a95c4c39179319da30a0ad5303f41b74a6c7ea0f4390abe5dc0e29feac3d30a21cc6d

  • SSDEEP

    49152:Do4o2O9f65YTz7jGnD3D121zsaxEKWMXz/qIFI2t7:DTMwrMfWMXOIG2t7

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit
    Version: windows/reverse_tcp
    C2: 192.168.1.25:4444

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
