General
-
Target
2024-06-11_1b78c8d0d0f4c5464b3893206351ff00_ryuk
-
Size
664KB
-
Sample
240611-tg4l9asfjg
-
MD5
1b78c8d0d0f4c5464b3893206351ff00
-
SHA1
f513060a24d6b658f048feaaab67916343e70a90
-
SHA256
043c8945a6bdf8cfc5e21c80f0d90efcbda88362c058652f279638c6eb272a73
-
SHA512
910207075aa58484804a3c7a912080fc60faf5fcb647758e993c2226bc35bc330f426b97b72f20d7786dbc44a006d9d4a3c8141de559ce0c47769cbe91f5654c
-
SSDEEP
12288:bs9g8KSSoCU5qJSr1emuUIhRPAYyN80gUA6HUzTshM38vBRG/Ow:LeSoCU5qJSr1emup4YyN80gUzeTkvvG1
Malware Config
Targets
-
-
Target
2024-06-11_1b78c8d0d0f4c5464b3893206351ff00_ryuk
-
Size
664KB
-
MD5
1b78c8d0d0f4c5464b3893206351ff00
-
SHA1
f513060a24d6b658f048feaaab67916343e70a90
-
SHA256
043c8945a6bdf8cfc5e21c80f0d90efcbda88362c058652f279638c6eb272a73
-
SHA512
910207075aa58484804a3c7a912080fc60faf5fcb647758e993c2226bc35bc330f426b97b72f20d7786dbc44a006d9d4a3c8141de559ce0c47769cbe91f5654c
-
SSDEEP
12288:bs9g8KSSoCU5qJSr1emuUIhRPAYyN80gUA6HUzTshM38vBRG/Ow:LeSoCU5qJSr1emup4YyN80gUzeTkvvG1
Score10/10-
Azov
A wiper seeking only damage, first seen in 2022.
-
Renames multiple (1415) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-