d03d53f697f9dbc9b92276f3d97d0a692f428d9a1a0fc7daa37ddda7b6a2d886 | Triage

Resubmissions

08-07-2024 17:54

240708-whafxa1cqn 3

08-07-2024 17:06

240708-vmk8jayhjl 3

Analysis

max time kernel
78s
max time network
80s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
08-07-2024 17:54

Sharing

Report Analysis Logs

General

Target

2024-07-08_5b8c9b9e1c539238aa02607d4e75b5aa_cobalt-strike_ryuk.exe
Size

946KB
MD5

5b8c9b9e1c539238aa02607d4e75b5aa
SHA1

48a5b6c32e83abf2ed5586c7211494d727425a0a
SHA256

d03d53f697f9dbc9b92276f3d97d0a692f428d9a1a0fc7daa37ddda7b6a2d886
SHA512

078cc3cdcef6dd39cf37a65e45a85c90a1fcec086c95ab9b19faee539b6d475a4c1677d6ab891a7de4466753cb235086bf2c3fbb29af415268a1221f30734f1a
SSDEEP

12288:mlLMLTHAXoUpkdJAdGywFtMa8MLBn/M5BiIymQEZ/faim4WbvFqsG+nM3dOrrH:9TgnpwJ+RyZHd/MHiIrQE3aQl9+Mcrr

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\2024-07-08_5b8c9b9e1c539238aa02607d4e75b5aa_cobalt-strike_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-07-08_5b8c9b9e1c539238aa02607d4e75b5aa_cobalt-strike_ryuk.exe"
1⤵
PID:5016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5016-0-0x0000000003570000-0x00000000035D0000-memory.dmp

Filesize
384KB

Download
memory/5016-9-0x0000000003570000-0x00000000035D0000-memory.dmp

Filesize
384KB

Download
memory/5016-10-0x0000000003570000-0x00000000035D0000-memory.dmp

Filesize
384KB

Download
memory/5016-7-0x0000000003570000-0x00000000035D0000-memory.dmp

Filesize
384KB

Download
memory/5016-6-0x0000000140000000-0x00000001400F6000-memory.dmp

Filesize
984KB

Download
memory/5016-12-0x0000000140000000-0x00000001400F6000-memory.dmp

Filesize
984KB

Download