3b9137a5a5d2285da12b67d7b8702cdffe92cad1584f707d2ea5198d15d38be6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-15_7f523c8a8e4f17e07314109be6debed7_cobalt-strike_ryuk
Size

298KB
Sample

240615-qallba1gla
MD5

7f523c8a8e4f17e07314109be6debed7
SHA1

15455d139cb8545b87dedc95116b6c658335add5
SHA256

3b9137a5a5d2285da12b67d7b8702cdffe92cad1584f707d2ea5198d15d38be6
SHA512

3ff263bf020e69459855855deb765815d793f283a54e7198e8e5fc6e175a9a25b2cfc635a933cb8c5b6312b806805a960983c65e858a1ccad7fc64d2c871141a
SSDEEP

6144:0pqVt5Ij1s9Nxlk8MhOD2KZJeEMosJ7olgtlhnWmDf+l66O:MqJIj1s9NwNAacY24lhnnDn

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  2024-06-15_7f523c8a8e4f17e07314109be6debed7_cobalt-strike_ryuk
- Size
  
  298KB
- MD5
  
  7f523c8a8e4f17e07314109be6debed7
- SHA1
  
  15455d139cb8545b87dedc95116b6c658335add5
- SHA256
  
  3b9137a5a5d2285da12b67d7b8702cdffe92cad1584f707d2ea5198d15d38be6
- SHA512
  
  3ff263bf020e69459855855deb765815d793f283a54e7198e8e5fc6e175a9a25b2cfc635a933cb8c5b6312b806805a960983c65e858a1ccad7fc64d2c871141a
- SSDEEP
  
  6144:0pqVt5Ij1s9Nxlk8MhOD2KZJeEMosJ7olgtlhnWmDf+l66O:MqJIj1s9NwNAacY24lhnnDn
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2