General
Target: 2024-06-07_3772f8a06aed2b904696a6d34e606eed_ryuk
Size: 10.5MB
Sample: 240607-bj274aga59
MD5: 3772f8a06aed2b904696a6d34e606eed
SHA1: f15ff01d537618c3834bf95af1835006ab3e45cf
SHA256: c527cb4bb6e4f78db93dff36573e57bfbea897c8a378a04862b2f7515b533d49
SHA512: 5299c20d3c7e48922c59ad9907e41f631159263e01d73151d678843cf60d517bf1259fdcfebf334f09ef7e82b6f5f0a30af9da90680ca1fd4bdb00ca7128b69b
SSDEEP: 196608:ZSmD1gjuWJysVYvsO5mDIEVFKgd7pQDw748RmU/3ZlsPvOolA+5C8CbCbz6r2Coz:YmeyWJOmDIEBd7pQDGtN3ZWDGAbz6Kd
Behavioral task: behavioral1
Sample: 2024-06-07_3772f8a06aed2b904696a6d34e606eed_ryuk.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2024-06-07_3772f8a06aed2b904696a6d34e606eed_ryuk.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 2024-06-07_3772f8a06aed2b904696a6d34e606eed_ryuk
Loads dropped DLL

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.