9d4408a65f5bf381a42742c5b1f431fa0315b756f601cd61769022911cf85144

Analysis

max time kernel
121s
max time network
131s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06-04-2024 05:40

Target

2024-04-06_a2d26af14768ea5f825a50a2734c81d3_ryuk.exe
Size

86KB
MD5

a2d26af14768ea5f825a50a2734c81d3
SHA1

105a9cf99db0fd5df4045a21f3f1d5b8a7861603
SHA256

9d4408a65f5bf381a42742c5b1f431fa0315b756f601cd61769022911cf85144
SHA512

36e02b64ce197453eb83667e7edc7c3908c56c31b42af8aceab93be24fb837692015a5bf6b1f0df0b323071150231c5115f6f6a38dda3625dc752bb09c9e6924
SSDEEP

1536:AG7MwqqwS26x325YGHXqoaO1w6L7lgP2sW5dc9dlQxC6LuVhV/5J:vowPwP605F3jaO1HJS8U6NuVhV

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2428	2024-04-06_a2d26af14768ea5f825a50a2734c81d3_ryuk.exe

C:\Users\Admin\AppData\Local\Temp\2024-04-06_a2d26af14768ea5f825a50a2734c81d3_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-04-06_a2d26af14768ea5f825a50a2734c81d3_ryuk.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2428