General
Target: 2024-06-07_9ca07e4d4ca32330c9506a00f8a05a10_ryuk
Size: 11.7MB
Sample: 240607-b81qkaff6w
MD5: 9ca07e4d4ca32330c9506a00f8a05a10
SHA1: 300600c0b1fa327265cf2c8df19e2815f6be8721
SHA256: ab78dae929eb6710eec101a16facce93a12fa659749927464aaf4afb17fb0cfc
SHA512: 6a2864c3059c07e16e9b5a899894113d11d8fd5178995c015ae9b109e5c68d1e6dd552dbb79b4eb1af88e1716a1d93d3376548591bc8d331a6bee64ae56e7ab8
SSDEEP: 196608:v3lAG6ZOjgp1Dvn/RNrlHAjoG+IE9onJ5hrZERv/Q3jo4UZFolf7+/I5K2+co1mN:/lCLpN/ZxlHOFE9c5hlERv/A2ZkSgK2s
Behavioral task: behavioral1
Sample: 2024-06-07_9ca07e4d4ca32330c9506a00f8a05a10_ryuk.exe
Resource: win7-20240220-en
Malware Config
Targets
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-