General
Target: 2024-06-11_52d0945f5af30a21df98c8704ae9e367_cobalt-strike_ryuk
Size: 298KB
Sample: 240611-q6knwsygpd
MD5: 52d0945f5af30a21df98c8704ae9e367
SHA1: c15f55e97a934755063d50d5fdd0813af0bb906d
SHA256: ca7264adb56c0ff32a1aabf81bf9462a68ae014111dd19274ad9b98768a1d649
SHA512: 719c2cdc521e3d9a6a8d245521daec28ddb90770f21a577a5ba23064a158bceffefe7f58a17b483a49a4ca9bb3727ad3b8c693f73612a248c455b2a89e348756
SSDEEP: 6144:gDdaP8I3s9fENxMXiDYStzFxYSGvJ7olgtlhnuSrtzEHtl:edlI3s9fyyScS7224lhnDJz4j
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-06-11_52d0945f5af30a21df98c8704ae9e367_cobalt-strike_ryuk.exe
  Resource: win7-20240419-en
Behavioral task: behavioral2
  Sample: 2024-06-11_52d0945f5af30a21df98c8704ae9e367_cobalt-strike_ryuk.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 2024-06-11_52d0945f5af30a21df98c8704ae9e367_cobalt-strike_ryuk
Score: 6/10
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.