46524d76d1cd5533a414460beca72b6b65e97b3daf02bfeacf935b4744910dd2 | Triage

Sharing

General

Target

2024-06-10_95948756c502c3252bfa54557895a515_cobalt-strike_ryuk
Size

298KB
Sample

240610-ngncdagg9w
MD5

95948756c502c3252bfa54557895a515
SHA1

77427418817c342455020ec2795e399d2ae02e23
SHA256

46524d76d1cd5533a414460beca72b6b65e97b3daf02bfeacf935b4744910dd2
SHA512

1722262f5f399551ac50b01ece0edc47c1857706e0a136c5243294035b183912350c59c216eaefe0c8535b24067cff611c16e48396d3c8747d2ff8c0b7051c71
SSDEEP

6144:oz28bs9bZhZM3OD5jYn+9VeoJ7olgtlhn1nVTqbfp8an4v:i28bs9bLKetm824lhntVTqF0

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2024-06-10_95948756c502c3252bfa54557895a515_cobalt-strike_ryuk
- Size
  
  298KB
- MD5
  
  95948756c502c3252bfa54557895a515
- SHA1
  
  77427418817c342455020ec2795e399d2ae02e23
- SHA256
  
  46524d76d1cd5533a414460beca72b6b65e97b3daf02bfeacf935b4744910dd2
- SHA512
  
  1722262f5f399551ac50b01ece0edc47c1857706e0a136c5243294035b183912350c59c216eaefe0c8535b24067cff611c16e48396d3c8747d2ff8c0b7051c71
- SSDEEP
  
  6144:oz28bs9bZhZM3OD5jYn+9VeoJ7olgtlhn1nVTqbfp8an4v:i28bs9bLKetm824lhntVTqF0
Score

6^/10

persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2