General
-
Target
2024-06-08_c03170dfe4ce90d7d9b9001a3f60e006_ryuk
-
Size
5.5MB
-
Sample
240608-yewabaga65
-
MD5
c03170dfe4ce90d7d9b9001a3f60e006
-
SHA1
2a7fabe46f7ebe4a2f3e5a7600f5e1af144ab46a
-
SHA256
4a2fc91dd28474b234e9a0b9d92fb0ba8a0b20a43f343d689344f81fff62e96d
-
SHA512
de538fb33df826d05d0cf9f844b22cc9909296de113e6e5a74fe64f9c6237862632ea3f8b739fa0ed30ebc5cd0075e4942f68f57ac31ea98bb48dc9f063263f2
-
SSDEEP
49152:lEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfn:5AI5pAdVJn9tbnR1VgBVmg8
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-08_c03170dfe4ce90d7d9b9001a3f60e006_ryuk.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-06-08_c03170dfe4ce90d7d9b9001a3f60e006_ryuk
-
Size
5.5MB
-
MD5
c03170dfe4ce90d7d9b9001a3f60e006
-
SHA1
2a7fabe46f7ebe4a2f3e5a7600f5e1af144ab46a
-
SHA256
4a2fc91dd28474b234e9a0b9d92fb0ba8a0b20a43f343d689344f81fff62e96d
-
SHA512
de538fb33df826d05d0cf9f844b22cc9909296de113e6e5a74fe64f9c6237862632ea3f8b739fa0ed30ebc5cd0075e4942f68f57ac31ea98bb48dc9f063263f2
-
SSDEEP
49152:lEFbqzA/PvIGDFr9AtwA3PlpIgong0yTI+q47W1Ln9tJEUxDG0BYYrLA50IHLGfn:5AI5pAdVJn9tbnR1VgBVmg8
-
Detects executables containing bas64 encoded gzip files
-
Executes dropped EXE
-
Drops file in System32 directory
-