ec2208d2634041060f096e2d8066d34d6718d417a61c211877acea782bc427d3

Analysis

max time kernel
118s
max time network
137s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18/04/2024, 04:45

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2024-04-18_6de84d8c14ce720bd1f9ef95f0ec6908_ryuk.exe
Size

16.5MB
MD5

6de84d8c14ce720bd1f9ef95f0ec6908
SHA1

0e83956e2be365d5434a82002b235005e38342bd
SHA256

ec2208d2634041060f096e2d8066d34d6718d417a61c211877acea782bc427d3
SHA512

6759e95908ca57a8fc7e4fb94ab23f789c97145fae175329fa13eaec19920afeab5faef43e98f768b22d4322c00b6152f87d993801db2f09cf32bd23a3cd86df
SSDEEP

196608:JZzDOm8B+WUuI9Ecn4GhRYpcfI9GjjwwwBJmBwAYko+Sy:JZzDOm8P7I9Ecn4GhRYpcfI9GjMkZSy

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1136	2024-04-18_6de84d8c14ce720bd1f9ef95f0ec6908_ryuk.exe

C:\Users\Admin\AppData\Local\Temp\2024-04-18_6de84d8c14ce720bd1f9ef95f0ec6908_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-04-18_6de84d8c14ce720bd1f9ef95f0ec6908_ryuk.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:1136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\V-Combo-EDITOR-v11213\8.TtdVULg0UTN\Smatimer32.dll

Filesize
76KB

MD5
09b8aa2242500f9620ede08c6ffc2c12

SHA1
40638a0cf50bc53c6ee412624681eaeb2e8739c3

SHA256
03c795b39cd138112c343be8bbf438a0b0023894088ae9a32d5058caf528ddea

SHA512
1d81ee0ea180e5a079b4c7de6814a5099888b35aedea5ee130ad8abf5d2983c0880ac678d1e6a310e138893cae5b244256ff1f2ccbda79257e5b318da43fd3d4

Download Submit
C:\Users\Admin\AppData\Roaming\V-Combo-EDITOR-v11213\8.TtdVULg0UTN\Swmiarp.arp

Filesize
318B

MD5
00faf7535240983f5b8e45bf89901382

SHA1
f56a481c3514e63eb77f208ddcd57b174ee8e49c

SHA256
f283bd6df6e9e08f99d598d581f2d4e3bb1044344b676e1e9737b71cdd25bad1

SHA512
3fcdd6ab9f4267a19e50848a213e24dd67c1858cbcbf73c3b23d058b90338517dea7f966435059546576e73ef8fa35f4824d91b3f65f3941e2dc34e9a21821cd

Download Submit
C:\Users\Admin\AppData\Roaming\V-Combo-EDITOR-v11213\8.TtdVULg0UTN\Swmiarp32.exe

Filesize
100KB

MD5
7f48917db02c47eb8fc24b407b6c855b

SHA1
4e4baa26839f8485da28113d89f97b239024a45d

SHA256
a188568cbdf14730ba18025f82f8363ad67dd453135881075ec48a18662cb9de

SHA512
db40f82b49f9f6dcbe7359f2c10d4fc547ab634cbf3f7e6e41a815c15e00bec2bfd39a6a3636feb7711e265a3c65eca864a71ceccf9aeb8c5f380efa371d085f

Download Submit
C:\Users\Admin\AppData\Roaming\V-Combo-EDITOR-v11213\8.TtdVULg0UTN\arpeggio.set

Filesize
464B

MD5
58e87860ac054248d75f4f3097039dd7

SHA1
a15e6e22a18cc24b1ab9d2101717938c2ee9b956

SHA256
4e78170a1c362d2fdc526c4ce5d23f39ab571e66247f26eb1480cf4431db1d70

SHA512
01db2e968e4c57cca50e30de6e6f5f03201cfbd0999d19197935d4c6f79662f135c6e6dac5fa659f0af005c3983a00b31caba7c3afd1d4a9942cf5d0fefde1b1

Download Submit
C:\Users\Admin\AppData\Roaming\V-Combo-EDITOR-v11213\8.TtdVULg0UTN\lcddot.ttf

Filesize
29KB

MD5
5bca0e6226c5efcdf97dcfb4793b9037

SHA1
90f2173b4d75be9a9ce1d31f6aaa6ee7dffe291e

SHA256
b37d196465171f64a9af40bde52525743247a58fc0cc3bef46de15d00438b1c6

SHA512
086ccf4ad6a5fc17ba8a211f4b1abd74c43af3564c50aad7a7c62ff293ebe258413ba6e2b5e7bdad7a628951deb9ec879100f18b93d71dfed4895e70b62b4186

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads