df972a50bf4d9ddb61697d129496dbcfac2af10b6d0dd7d443673916985d4c4d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

2024-04-20...uk.exe

windows7-x64

1

2024-04-20...uk.exe

windows10-2004-x64

5

Sharing

General

Target

2024-04-20_439d2ff28bab3b14b0b57f77920fd03b_cobalt-strike_ryuk
Size

796KB
Sample

240420-a24yzacf5y
MD5

439d2ff28bab3b14b0b57f77920fd03b
SHA1

d89a720ad76faacdb6fc028baf67cf71d7b3f03d
SHA256

df972a50bf4d9ddb61697d129496dbcfac2af10b6d0dd7d443673916985d4c4d
SHA512

c881e5c84d9c681b4a38348eb6acd70da04f62a24a2c4920a69bd21e118156c37dfb514ead78ad75e24dc89f4ca6e965a8928c704af2cb3a7ce3a29f88859ecc
SSDEEP

24576:pANw243u1N3RUDHNmdPCAaq8Nozgi/rE0TOj:pew2D8HNUPCAaq8Wdo0

Score

5^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2024-04-20_439d2ff28bab3b14b0b57f77920fd03b_cobalt-strike_ryuk.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-04-20_439d2ff28bab3b14b0b57f77920fd03b_cobalt-strike_ryuk.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  2024-04-20_439d2ff28bab3b14b0b57f77920fd03b_cobalt-strike_ryuk
- Size
  
  796KB
- MD5
  
  439d2ff28bab3b14b0b57f77920fd03b
- SHA1
  
  d89a720ad76faacdb6fc028baf67cf71d7b3f03d
- SHA256
  
  df972a50bf4d9ddb61697d129496dbcfac2af10b6d0dd7d443673916985d4c4d
- SHA512
  
  c881e5c84d9c681b4a38348eb6acd70da04f62a24a2c4920a69bd21e118156c37dfb514ead78ad75e24dc89f4ca6e965a8928c704af2cb3a7ce3a29f88859ecc
- SSDEEP
  
  24576:pANw243u1N3RUDHNmdPCAaq8Nozgi/rE0TOj:pew2D8HNUPCAaq8Wdo0
Score

5^/10
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy