General
Target: 2024-06-25_e6feb59befb1dcda6d75f6f1097dc466_ryuk
Size: 1.3MB
Sample: 240625-ay13xa1bjd
MD5: e6feb59befb1dcda6d75f6f1097dc466
SHA1: f5b40549c5b74f9d2203a1809c65849c6aba0253
SHA256: fac6f7c103da0517cd9fbbd70ff61fee5db96aff1187e896f8c99f62ddae309f
SHA512: 3818b72acfdfa228f95baa22a3c1a2630677d154984145b5284efd1c7ae674a0ae8a0dcbbe7a2d308c067150c79aea083d7c1b44c3ec57af6b93d7fdf743a3ac
SSDEEP: 24576:jBnSh9eCojTHHpXKune0W7aLi/XWUSFhO9kl31k8/g:tShLoj7Hpauy7EidSL4gu8I
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-25_e6feb59befb1dcda6d75f6f1097dc466_ryuk.exe
Resource: win7-20240611-en
Malware Config
Extracted
asyncrat
2.0.0
Default
no4.agentwindows.live
delay: 1
install: false
install_folder: %AppData%
Targets
Target: 2024-06-25_e6feb59befb1dcda6d75f6f1097dc466_ryuk
Async RAT payload
-
Detects executables attempting to enumerate video devices using WMI
-
Detects executables containing the string DcRatBy
-