General
-
Target
2024-06-01_76e9faf3f7c8d601c3672163b8d1f690_ryuk
-
Size
5.5MB
-
Sample
240601-hc6p9sdf35
-
MD5
76e9faf3f7c8d601c3672163b8d1f690
-
SHA1
d3c1e286fdbb992dcf8d8a842d9a471f17e6dedb
-
SHA256
15d79c2239270e32f0afcb0a9e96912ce8f6d713e190f7c19a1548555b408830
-
SHA512
c00a74840fd6b794a60bb4054a12bb77c22d50931aca2faa65c8016e04099eda4c8e6a57e9cbb2fc1a502afc4ddbc678dcfa2968d3aa8f80ef9fde1d3405f9d3
-
SSDEEP
49152:iEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGf7:oAI5pAdVJn9tbnR1VgBVm81Ms
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-01_76e9faf3f7c8d601c3672163b8d1f690_ryuk.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
2024-06-01_76e9faf3f7c8d601c3672163b8d1f690_ryuk
-
Detects executables containing base64 encoded gzip files
-
Executes dropped EXE
-
Drops file in System32 directory
-