General

  • Target

    2024-06-07_bb8f5375ab38d5e0137c45d48be7a958_ryuk

  • Size

    6.9MB

  • Sample

    240607-cl4dlsfh7x

  • MD5

    bb8f5375ab38d5e0137c45d48be7a958

  • SHA1

    cf7fe3dc24bef49df54c00c981ee64ba8b2f1414

  • SHA256

    c216e8d6f67ab151ee8e9f4e534587ed9e62312f1a0b31315b026c9c69cbf674

  • SHA512

    5799327d8756968ddd34da006e861eb6b9c4e4c71b6d86ee98051b30d789427c47d3c0830c969d3d6147cb37ee7114dd757829b3a504f7c8998739e4f663885c

  • SSDEEP

    196608:YSTUf4QuWJysVYvsOgtdIQLOMIdiwkkT6FbGpQTh:PU41WJvtaL/dvT6BGat

Score
7/10

Targets

    • Target

      2024-06-07_bb8f5375ab38d5e0137c45d48be7a958_ryuk

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
