Overview

overview

4

Static

static

1

2024-04-29...uk.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    67s
  • max time network
    50s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-04-2024 19:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-04-29_489802bd2d3a33ae12bc2e0f173f8796_ryuk.exe

  • Size

    2.1MB

  • MD5

    489802bd2d3a33ae12bc2e0f173f8796

  • SHA1

    e1061f9c5cabc4a9c433076f2120854ce06a4076

  • SHA256

    7492e91d43ea31d0d08b358496e0d93065c7fc721a2fa2d3103428d61f9b6b45

  • SHA512

    2f9b5fa8e54d7cc4df32babf0bcaf7ddf83af0732750755f065c21ecefb58f877d602041763646cb077f6020602d6593d43e34fb8dd352562550b3d5fb345ed6

  • SSDEEP

    49152:3tU/X92QdMarTZDQoR8zSjWG/cGRzhrByk4:eGzS68cGs

Score
4/10
discovery

Malware Config

Signatures

  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-04-29_489802bd2d3a33ae12bc2e0f173f8796_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-04-29_489802bd2d3a33ae12bc2e0f173f8796_ryuk.exe"
    1⤵
      PID:688

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads