General

  • Target

    2024-06-07_692f961835e3ef185240337bfb59e0f5_ryuk

  • Size

    6.9MB

  • Sample

    240607-bwwabafc4v

  • MD5

    692f961835e3ef185240337bfb59e0f5

  • SHA1

    daa54b9e9b058ef92714a65dd3b8b45ef449453d

  • SHA256

    c62212a2235e0a756cba011c9bf0d96d87ee89fdcf954cf2a9939083a83f9c48

  • SHA512

    eaf0f1250ab310d5ef100ced076d5cff6baaffea75184821ba442dae30672e8f80d9a3895f7ba283e64f08232c530974ce4e36c5f4449d72ab4ac9a3078d5a4c

  • SSDEEP

    196608:YSDUf4VuWJysVYvsOgtdIQLOMIdiwkkT6Fb9pbS:/U4cWJvtaL/dvT6B9h

Score
7/10

Malware Config

Targets

    • Target

      2024-06-07_692f961835e3ef185240337bfb59e0f5_ryuk

    Score
    7/10
    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
