General
-
Target
2024-06-07_fd8df8680b1be399a37a4400e07f7932_ryuk
-
Size
31.5MB
-
Sample
240607-c9ncashe55
-
MD5
fd8df8680b1be399a37a4400e07f7932
-
SHA1
23039ca1233cd0a318ef6a4d13f2f734f0181af1
-
SHA256
cffa602b2be72eb1e3732dbca369e109677760ceb6679c87dc07049702e36cee
-
SHA512
90c6400745f54769c6269a6783eea60b77b22f0ef1dc1ae36486f731bc9c0fad0866fe6116d809b19ff86c3814f48f9859a6cd565da4d308f44f95f559f509d8
-
SSDEEP
786432:IyWtYJQSCcBBHCEDnNbkAFeAiO8NdhYGaosQ2uJHEa4atwetN3j20FHTL:seJJCYBHCLu1LifPaQ5Jka4atwESsz
Behavioral task
behavioral1
Sample
2024-06-07_fd8df8680b1be399a37a4400e07f7932_ryuk.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-07_fd8df8680b1be399a37a4400e07f7932_ryuk.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Score
6/10
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-