563f35efe9f43a96f093232c71fa17c33d245af3cfd9b3cfe2b0f2f4d2597fce

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
28/04/2024, 07:46

Target

2024-04-28_5cdfabd8cdb2b3eed51679e97d0061bd_cobalt-strike_ryuk.exe
Size

796KB
MD5

5cdfabd8cdb2b3eed51679e97d0061bd
SHA1

236520521f1e6507560ee7ac59524c5ada223518
SHA256

563f35efe9f43a96f093232c71fa17c33d245af3cfd9b3cfe2b0f2f4d2597fce
SHA512

05bebd1058855e94a2d4356b77ea08226533c5c3240e7e6c0ec02e1432a60f0bffe90901c4e2ced29daf34e69b00715fe8fc62da5cbdb22a842558a9e7dc9143
SSDEEP

12288:JXDCAZzP/w24lh12Ylc+pFByStv9JRa//inz86NRo1qiRlUWC4kXzVC3:oANw243tc+pFB5z+//ufNRoZW

Score

1^/10

C:\Users\Admin\AppData\Local\Temp\2024-04-28_5cdfabd8cdb2b3eed51679e97d0061bd_cobalt-strike_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-04-28_5cdfabd8cdb2b3eed51679e97d0061bd_cobalt-strike_ryuk.exe"
1⤵
PID:2720

memory/2720-0-0x0000000140000000-0x00000001400CF000-memory.dmp

Filesize
828KB

Download
memory/2720-13-0x0000000002310000-0x0000000002370000-memory.dmp

Filesize
384KB

Download
memory/2720-12-0x0000000140000000-0x00000001400CF000-memory.dmp

Filesize
828KB

Download
memory/2720-9-0x0000000002310000-0x0000000002370000-memory.dmp

Filesize
384KB

Download
memory/2720-1-0x0000000002310000-0x0000000002370000-memory.dmp

Filesize
384KB

Download