cae3c26374d3c9a1d5f4c40e5f620268473e560a34cd052d0cec55272e3e8337

Analysis

max time kernel
134s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
23-05-2024 01:27

Target

2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe
Size

3.7MB
MD5

85e0ac971f188ce687ba7001ac98a51e
SHA1

620d2c8dc4773299da42847ef4da98ebc0d3fedb
SHA256

cae3c26374d3c9a1d5f4c40e5f620268473e560a34cd052d0cec55272e3e8337
SHA512

619b91de7d22f800e99a5d4a94f0c27a85d7f66804a48339750884618c2c8d73054287d367d35fe5dc372d18b5a7457a3f2492db6f9f0de3047a62cdd4794812
SSDEEP

98304:PLThshBfKvh7S8Sq3YtSNJME6YBInGfNv0u67IacheAM:PLThhvM8Su3NJMEtNtyIrhs

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe

pid process

3452 2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe
3452 2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe

pid	process
3452	2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe
3452	2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe

C:\Users\Admin\AppData\Local\Temp\2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-05-23_85e0ac971f188ce687ba7001ac98a51e_ryuk.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3452