2024-05-03_39b04d3811e46e6317c91993dc00bd05_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-03_39b04d3811e46e6317c91993dc00bd05_ryuk
Size

288KB
MD5

39b04d3811e46e6317c91993dc00bd05
SHA1

8ea7bd75d5741b306b8a5f4f3da547b47f34de88
SHA256

e95b1c88be5f1f63bfb66923b4abeac4bc930c4e51d4bc174249a6204f0e9151
SHA512

9e6ddcd29ff01b86d458c87c5f585af61d28b0a413a62a7d2f8a59e9cdc85179e25c772aebe7fed8a768aa38a769449bf2b83f81d52e17fdde732d6402f58676
SSDEEP

3072:4K5kKdHaudVZDvDL4kqA61kx7/dfJ8M1+GL/csGUH0PNnhuLoY46Q2GBZHwY57We:XvIwNDLfqA6GF/dfuGbcphmohFff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-03_39b04d3811e46e6317c91993dc00bd05_ryuk

Files

2024-05-03_39b04d3811e46e6317c91993dc00bd05_ryuk
.exe windows:6 windows x64 arch:x64

8d0d8ca086864360a23e11942cb94d62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

sutil_sdk

?parseDimensions@sutil@@YAXPEBDAEAH1@Z
?displayBufferPPM@sutil@@YAXPEBDV?$Handle@VBufferObj@optix@@@optix@@@Z
?displayBufferGlut@sutil@@YAXPEBDV?$Handle@VBufferObj@optix@@@optix@@@Z
?initGlut@sutil@@YAXPEAHPEAPEAD@Z
?samplesPTXDir@sutil@@YAPEBDXZ
?reportErrorMessage@sutil@@YAXPEBD@Z

optix.1

rtMaterialGetVariableCount
rtMaterialGetVariable
rtBufferCreate
rtMaterialRemoveVariable
rtBufferValidate
rtBufferGetContext
rtBufferSetFormat
rtBufferSetElementSize
rtBufferSetSize1D
rtBufferSetSize2D
rtBufferMapEx
rtBufferUnmapEx
rtMaterialQueryVariable
rtMaterialDeclareVariable
rtMaterialSetAnyHitProgram
rtMaterialSetClosestHitProgram
rtMaterialGetContext
rtMaterialValidate
rtMaterialDestroy
rtMaterialCreate
rtGeometryGetVariable
rtGeometryGetVariableCount
rtGeometryRemoveVariable
rtGeometryQueryVariable
rtGeometryDeclareVariable
rtGeometrySetIntersectionProgram
rtGeometrySetBoundingBoxProgram
rtGeometrySetPrimitiveCount
rtGeometryGetContext
rtGeometryValidate
rtGeometryDestroy
rtGeometryCreate
rtGeometryInstanceGetVariable
rtGeometryInstanceGetVariableCount
rtGeometryInstanceRemoveVariable
rtGeometryInstanceQueryVariable
rtGeometryInstanceDeclareVariable
rtGeometryInstanceSetMaterial
rtGeometryInstanceSetMaterialCount
rtGeometryInstanceSetGeometry
rtGeometryInstanceGetContext
rtGeometryInstanceValidate
rtGeometryInstanceDestroy
rtGeometryInstanceCreate
rtAccelerationSetBuilder
rtAccelerationGetContext
rtAccelerationValidate
rtAccelerationDestroy
rtAccelerationCreate
rtGeometryGroupSetChild
rtGeometryGroupSetChildCount
rtGeometryGroupSetAcceleration
rtGeometryGroupGetContext
rtGeometryGroupValidate
rtGeometryGroupDestroy
rtGeometryGroupCreate
rtTransformSetChild
rtTransformSetMatrix
rtTransformGetContext
rtTransformValidate
rtTransformDestroy
rtTransformCreate
rtGroupSetChild
rtGroupSetChildCount
rtGroupSetAcceleration
rtGroupGetContext
rtGroupValidate
rtGroupDestroy
rtGroupCreate
rtProgramGetVariable
rtProgramGetVariableCount
rtProgramRemoveVariable
rtProgramQueryVariable
rtProgramDeclareVariable
rtProgramGetContext
rtProgramValidate
rtProgramDestroy
rtProgramCreateFromPTXFile
rtContextGetVariable
rtContextGetVariableCount
rtContextRemoveVariable
rtContextQueryVariable
rtContextDeclareVariable
rtContextLaunch2D
rtContextSetMissProgram
rtContextSetRayTypeCount
rtContextSetExceptionProgram
rtContextSetRayGenerationProgram
rtContextSetEntryPointCount
rtContextSetStackSize
rtContextGetErrorString
rtContextValidate
rtContextDestroy
rtContextCreate
rtVariableGetContext
rtVariableGetObject
rtVariableSetObject
rtVariableSet1ui
rtVariableSet1i
rtVariableSet4f
rtVariableSet3f
rtVariableSet1f
rtBufferDestroy

kernel32

CreateFileW
HeapSize
ReadConsoleW
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetProcessHeap
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetACP
GetCommandLineW
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapAlloc
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
GetLastError
RtlUnwindEx
RaiseException
RtlPcToFileHeader
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
MultiByteToWideChar
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
WideCharToMultiByte

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d0d8ca086864360a23e11942cb94d62

Headers

DLL Characteristics

File Characteristics

Imports

sutil_sdk

optix.1

kernel32

Sections

.text Size: 149KB - Virtual size: 149KB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 5KB - Virtual size: 11KB

.pdata Size: 9KB - Virtual size: 8KB

.gfids Size: 1024B - Virtual size: 604B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 149KB - Virtual size: 149KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 5KB - Virtual size: 11KB

.pdata
Size: 9KB - Virtual size: 8KB

.gfids
Size: 1024B - Virtual size: 604B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 3KB - Virtual size: 3KB