2024-04-25_c43ccae5dfb938e8d77bcc5e058e9170_ryuk

Sharing

Copy URL

Twitter E-mail

General

Target

2024-04-25_c43ccae5dfb938e8d77bcc5e058e9170_ryuk
Size

435KB
MD5

c43ccae5dfb938e8d77bcc5e058e9170
SHA1

fb1a7423dc81686e55b51613fd834d6f471eeb19
SHA256

a855e82fd78c3914e7cd4b4c7a30ad46e517ab52ef10b1f45592fb49d0348f09
SHA512

0ca3870efb6ae4c2e8d1944b94e470d082eb21ec34fbe12ecf665a8f924a68d11a886b1e84e43a7d7e4acad04b5111cdda689f58a2eb8e0da28f750ab3c518e7
SSDEEP

6144:Hsc27bndqPRnmeqDLQlzHIzlrdaqP4vcp+VujBCy9/mxWkVm184ohq59ECw:HvUdYZmRDLQlzHQ07vs4ujBu4oG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-25_c43ccae5dfb938e8d77bcc5e058e9170_ryuk

Files

2024-04-25_c43ccae5dfb938e8d77bcc5e058e9170_ryuk
.exe windows:6 windows x64 arch:x64

c1f50f6c262ca2eae36fd6f8d2434d50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

sutil_sdk

?loadMesh@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEAUMesh@@PEBM@Z
?freeMesh@@YAXAEAUMesh@@@Z
?samplesDir@sutil@@YAPEBDXZ
?getPtxString@sutil@@YAPEBDPEBD0PEAPEBD@Z
?loadTexture@sutil@@YA?AV?$Handle@VTextureSamplerObj@optix@@@optix@@V?$Handle@VContextObj@optix@@@3@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Ufloat3@3@@Z

optix.1

rtBufferUnmapEx
rtBufferMapEx
rtBufferGetSize1D
rtBufferSetSize1D
rtBufferSetElementSize
rtBufferSetFormat
rtBufferGetContext
rtBufferValidate
rtBufferDestroy
rtBufferCreate
rtMaterialGetVariable
rtMaterialGetVariableCount
rtMaterialRemoveVariable
rtMaterialQueryVariable
rtMaterialDeclareVariable
rtMaterialSetAnyHitProgram
rtMaterialSetClosestHitProgram
rtMaterialGetContext
rtMaterialValidate
rtMaterialDestroy
rtMaterialCreate
rtGeometryGetVariable
rtGeometryGetVariableCount
rtGeometryRemoveVariable
rtGeometryQueryVariable
rtGeometryDeclareVariable
rtGeometrySetIntersectionProgram
rtGeometrySetBoundingBoxProgram
rtGeometrySetPrimitiveCount
rtGeometryGetContext
rtGeometryValidate
rtGeometryDestroy
rtGeometryCreate
rtGeometryInstanceGetVariable
rtGeometryInstanceGetVariableCount
rtGeometryInstanceRemoveVariable
rtGeometryInstanceQueryVariable
rtGeometryInstanceDeclareVariable
rtGeometryInstanceSetMaterial
rtGeometryInstanceSetMaterialCount
rtGeometryInstanceSetGeometry
rtGeometryInstanceGetContext
rtBufferSetDevicePointer
rtGeometryInstanceDestroy
rtGeometryInstanceCreate
rtAccelerationSetBuilder
rtAccelerationGetContext
rtAccelerationValidate
rtAccelerationDestroy
rtAccelerationCreate
rtGeometryGroupSetChild
rtGeometryGroupSetChildCount
rtGeometryGroupSetAcceleration
rtGeometryGroupGetContext
rtGeometryGroupValidate
rtGeometryGroupDestroy
rtGeometryGroupCreate
rtProgramGetVariable
rtProgramGetVariableCount
rtProgramRemoveVariable
rtProgramQueryVariable
rtProgramDeclareVariable
rtProgramGetContext
rtProgramValidate
rtProgramDestroy
rtProgramCreateFromPTXString
rtContextGetVariable
rtContextGetVariableCount
rtContextRemoveVariable
rtContextQueryVariable
rtContextDeclareVariable
rtContextLaunch1D
rtContextSetRayTypeCount
rtContextSetRayGenerationProgram
rtContextSetEntryPointCount
rtContextSetStackSize
rtContextGetDeviceCount
rtContextGetDevices
rtContextSetDevices
rtContextGetErrorString
rtContextValidate
rtContextDestroy
rtContextCreate
rtVariableGetContext
rtVariableSetObject
rtDeviceGetAttribute
rtGeometryInstanceValidate

kernel32

SetEndOfFile
HeapSize
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetProcessHeap
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
GetCommandLineW
GetCommandLineA
WriteFile
GetStdHandle
ReadFile
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
CreateEventW
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
MultiByteToWideChar
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
GetFullPathNameW
LoadLibraryExW
GetModuleHandleW
SetLastError
LocalFree
CreateFileW
GetFileAttributesW
GetSystemDirectoryW
LocalAlloc
HeapCreate
GetCurrentProcess
GetProcAddress
FreeLibrary
QueryPerformanceCounter
SetEnvironmentVariableA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
SwitchToThread
ResetEvent
SetEvent
GetLastError
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc

Exports

Exports

NvOptimusEnablementCuda

Sections

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nv_fatb
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nvFatBi
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1f50f6c262ca2eae36fd6f8d2434d50

Headers

DLL Characteristics

File Characteristics

Imports

sutil_sdk

optix.1

kernel32

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 252KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 5KB - Virtual size: 16KB

.pdata Size: 14KB - Virtual size: 14KB

.nv_fatb Size: 9KB - Virtual size: 8KB

.nvFatBi Size: 512B - Virtual size: 24B

.gfids Size: 512B - Virtual size: 396B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 252KB - Virtual size: 252KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 5KB - Virtual size: 16KB

.pdata
Size: 14KB - Virtual size: 14KB

.nv_fatb
Size: 9KB - Virtual size: 8KB

.nvFatBi
Size: 512B - Virtual size: 24B

.gfids
Size: 512B - Virtual size: 396B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB