General
-
Target
2024-06-07_6efc7e936fa8c77ac03a918e74eef93d_ryuk
-
Size
11.0MB
-
Sample
240607-jwexbsch7x
-
MD5
6efc7e936fa8c77ac03a918e74eef93d
-
SHA1
d2ece63dbd800c8737a3293230bf4c9fef4330a0
-
SHA256
b0dc66637ad1043b6304d6147bff20b5743e803e1a0b8a3839ddd7199f0b7d07
-
SHA512
1965f19d6d67610ac51cfb8bcd16bce7cadb2d66148eb49c54f1277cca26d698968bcf83edae1f5356c2be732da40d5daaaea0ccca87580fd6da661ed39fb665
-
SSDEEP
196608:EBc7+jX+7+GI+r9onJ5hrZERlyiU8AdZYJERXEzsDO48RmU/qZlsPvarTwRN8Cph:qcOPA9c5hlERJAdZYy90RtNqZWarMVnx
Behavioral task
behavioral1
Sample
2024-06-07_6efc7e936fa8c77ac03a918e74eef93d_ryuk.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-06-07_6efc7e936fa8c77ac03a918e74eef93d_ryuk
-
Size
11.0MB
-
MD5
6efc7e936fa8c77ac03a918e74eef93d
-
SHA1
d2ece63dbd800c8737a3293230bf4c9fef4330a0
-
SHA256
b0dc66637ad1043b6304d6147bff20b5743e803e1a0b8a3839ddd7199f0b7d07
-
SHA512
1965f19d6d67610ac51cfb8bcd16bce7cadb2d66148eb49c54f1277cca26d698968bcf83edae1f5356c2be732da40d5daaaea0ccca87580fd6da661ed39fb665
-
SSDEEP
196608:EBc7+jX+7+GI+r9onJ5hrZERlyiU8AdZYJERXEzsDO48RmU/qZlsPvarTwRN8Cph:qcOPA9c5hlERJAdZYy90RtNqZWarMVnx
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-