Analysis

  • max time kernel
    92s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-06-2024 13:32

General

  • Target

    2024-06-13_47045e162c64b03707f4964a7211d8bf_cobalt-strike_ryuk.exe

  • Size

    796KB

  • MD5

    47045e162c64b03707f4964a7211d8bf

  • SHA1

    771dde31fab2633097926ba7102ff75155a8764e

  • SHA256

    b43320f5a38844867489b804bd3ad3353619c6e13ef9acd4427b368614090b27

  • SHA512

    9e39208df089e7e3c7358c92d5f00b8f816dacf9aab9018122917528f0d8c655f50506b9411ef433159f36a06107c52118b3faae37801864013a0446ad31bbb7

  • SSDEEP

    12288:CXDCAZzP/w24lhGUBL8252uui8FbECP7BhdfswdJ0NXdU8ZWH7DEP1rCJ7U3v:dANw243Gt2rR8FfBhRJUEbDk1ulU/

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-06-13_47045e162c64b03707f4964a7211d8bf_cobalt-strike_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-06-13_47045e162c64b03707f4964a7211d8bf_cobalt-strike_ryuk.exe"
    1⤵
      PID:3944

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/3944-0-0x0000000140000000-0x00000001400CF000-memory.dmp

      Filesize

      828KB

    • memory/3944-1-0x0000000000C00000-0x0000000000C60000-memory.dmp

      Filesize

      384KB

    • memory/3944-9-0x0000000000C00000-0x0000000000C60000-memory.dmp

      Filesize

      384KB

    • memory/3944-13-0x0000000000C00000-0x0000000000C60000-memory.dmp

      Filesize

      384KB

    • memory/3944-12-0x0000000140000000-0x00000001400CF000-memory.dmp

      Filesize

      828KB