2024-07-09_56f260bfd92b9fe477a0bd68a7f7d2db_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-07-09_56f260bfd92b9fe477a0bd68a7f7d2db_ryuk
Size

2.9MB
MD5

56f260bfd92b9fe477a0bd68a7f7d2db
SHA1

b1e3238f6348b97c999b26d25527a8b53a7cfee8
SHA256

b9e072c53243ef070ffdcb686bba2aee6ca248f4aace112ce867ea23f5924818
SHA512

814ee15c52b041013054817dc112be0c3993f15c301380295865737d8071537e23149eeef4532005dc6e69a5c483740ad3bbcd85c11a3800286ab53772b43712
SSDEEP

49152:YndPjazwYcCOlBWD9rqGZi0iIGTHI6DOnIIeNxu6xl1aZt6m5xbzDI6bpsRJrAG+:S2D8siFIIm3Gob5X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-07-09_56f260bfd92b9fe477a0bd68a7f7d2db_ryuk

Files

2024-07-09_56f260bfd92b9fe477a0bd68a7f7d2db_ryuk
.exe windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 571KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 172B

.tls
Size: 1024B - Virtual size: 585B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LZMADEC
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 571KB - Virtual size: 570KB

.data Size: 68KB - Virtual size: 123KB

.pdata Size: 97KB - Virtual size: 97KB

.gxfg Size: 12KB - Virtual size: 12KB

.retplne Size: 512B - Virtual size: 172B

.tls Size: 1024B - Virtual size: 585B

CPADinfo Size: 512B - Virtual size: 56B

LZMADEC Size: 4KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 431KB - Virtual size: 430KB

.reloc Size: 580KB - Virtual size: 584KB

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 571KB - Virtual size: 570KB

.data
Size: 68KB - Virtual size: 123KB

.pdata
Size: 97KB - Virtual size: 97KB

.gxfg
Size: 12KB - Virtual size: 12KB

.retplne
Size: 512B - Virtual size: 172B

.tls
Size: 1024B - Virtual size: 585B

CPADinfo
Size: 512B - Virtual size: 56B

LZMADEC
Size: 4KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 431KB - Virtual size: 430KB

.reloc
Size: 580KB - Virtual size: 584KB