2024-06-05_046ede9193f4195e1d051423a2b951a4_ryuk | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-05_046ede9193f4195e1d051423a2b951a4_ryuk
Size

492KB
MD5

046ede9193f4195e1d051423a2b951a4
SHA1

b9d536ba10a9e5622394cdc1d18f15a438d039e2
SHA256

6983bc2573b19a1cade6b8e4632592ce9fd3f013f7ddc0e86a10fb20e9441285
SHA512

e625ea07dcba52966357a2666737086c5fc863f72b0e45ea4cf64c2d07aeaba0db6436d7faab43da66585f6f46de967619ac8eaf9c440420b64e83d21b3ac1dc
SSDEEP

12288:wjaaF2sTh5S3B8tlNfYKF/DCeT2T8fltA:3aF2eh5S3B8PNfhZT2T8flO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-05_046ede9193f4195e1d051423a2b951a4_ryuk

Files

2024-06-05_046ede9193f4195e1d051423a2b951a4_ryuk
.exe windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ