Overview

overview

5

Static

static

3

2024-04-19...uk.exe

windows7-x64

5

2024-04-19...uk.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    19-04-2024 05:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-19_d4959d8fb45adf35e80368febd764927_cobalt-strike_ryuk.exe

  • Size

    796KB

  • MD5

    d4959d8fb45adf35e80368febd764927

  • SHA1

    108a90829f48a5bdc6b3a4472982000a59626668

  • SHA256

    ea6ea7a17215ce9374097808be0d320cd63c5e12e8446f302e9e2a060787a942

  • SHA512

    9f332c3b91f133dbf7efb6b991c080ec22c35fc1ef4497576fffa8c1544f176f2ecf39c041b454d2ce95e1d85b64f69179bbc6ce916da70b2e55877215ef61f6

  • SSDEEP

    12288:oXDCAZzP/w24lhXMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:jANw2438SkQ/7Gb8NLEbeZ

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-19_d4959d8fb45adf35e80368febd764927_cobalt-strike_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-19_d4959d8fb45adf35e80368febd764927_cobalt-strike_ryuk.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of AdjustPrivilegeToken
    PID:2920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2920-0-0x00000000022F0000-0x0000000002350000-memory.dmp

    Filesize

    384KB

    Download

  • memory/2920-1-0x0000000140000000-0x00000001400CF000-memory.dmp

    Filesize

    828KB

    Download

  • memory/2920-8-0x00000000022F0000-0x0000000002350000-memory.dmp

    Filesize

    384KB

    Download

  • memory/2920-11-0x00000000022F0000-0x0000000002350000-memory.dmp

    Filesize

    384KB

    Download

  • memory/2920-13-0x0000000140000000-0x00000001400CF000-memory.dmp

    Filesize

    828KB

    Download