Overview

overview

3

Static

static

3

2024-05-03...uk.exe

windows7-x64

1

2024-05-03...uk.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    108s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/05/2024, 01:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-05-03_447fa346fece842cf5ad8ade5ff1aefb_ryuk.exe

  • Size

    2.3MB

  • MD5

    447fa346fece842cf5ad8ade5ff1aefb

  • SHA1

    4017741aae668e604581e11cc590048bb75acadf

  • SHA256

    939beba77b5d7d50165ff20460935fe9ae9a8d844b293b7692c830750ff4dcd6

  • SHA512

    4878383a5c0c0ec50cda068e2a9d84cf2a6e2ef48798079d00efc83720fbdf7fdf5d678831c5f03308ae67f73735eaaa387c8a7cea032501e8c557b2ac7ea490

  • SSDEEP

    49152:UosQHMmpQAaR824OnqDPqFmhlyjsrrJLp2lUEFP4+Po6kk:u4O2P5JLQlVt4ib

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-05-03_447fa346fece842cf5ad8ade5ff1aefb_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-05-03_447fa346fece842cf5ad8ade5ff1aefb_ryuk.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:3404

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3404-0-0x00007FF7E8A20000-0x00007FF7E8C79000-memory.dmp

    Filesize

    2.3MB

    Download

  • memory/3404-1-0x00007FF7E8A20000-0x00007FF7E8C79000-memory.dmp

    Filesize

    2.3MB

    Download