Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
07-06-2024 02:17
General
-
Target
2024-06-07_ccf28af40d78acf12f05894559150e70_ryuk.exe
-
Size
11.9MB
-
MD5
ccf28af40d78acf12f05894559150e70
-
SHA1
8165f8862c491731cf1adeb9469ee5cdd7b9e650
-
SHA256
cdf13eedd60a35d7ed8f74721e36c8f77505fc4da9ec6ae34c0f4e47f73c590d
-
SHA512
5c5aa1e6d6540568b31b85d8c8d6d2e4ffaea8e211575a4ccdfccebae349a5ab95fce23d64aa18c14d407af83880e7f2a9cc071eb919ef42ac11fec85500e817
-
SSDEEP
196608:ybOOqTXrTaXPA4pzxw9BK+gpvDq9onJ5hrZER5xQ3jo4U648RmU/3ZlsPvt7+sTa:HTXafVxw9BKpbq9c5hlER5xA26tN3ZWp
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-06-07_ccf28af40d78acf12f05894559150e70_ryuk.exe"C:\Users\Admin\AppData\Local\Temp\2024-06-07_ccf28af40d78acf12f05894559150e70_ryuk.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\2024-06-07_ccf28af40d78acf12f05894559150e70_ryuk.exe"C:\Users\Admin\AppData\Local\Temp\2024-06-07_ccf28af40d78acf12f05894559150e70_ryuk.exe"2⤵
- Loads dropped DLL
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4.2MB
MD5c4b75218b11808db4a04255574b2eb33
SHA1f4a3497fb6972037fb271cfdc5b404a4b28ccf07
SHA25653f27444e1e18cc39bdb733d19111e392769e428b518c0fc0839965b5a5727a2
SHA5120b7ddbe6476cc230c7bdd96b5756dfb85ab769294461d1132f0411502521a2197c0f27c687df88a2cd1ab53332eaa30f17fa65f93dac3f5e56ed2b537232e69c