Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

2024-07-26...uk.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/07/2024, 13:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-07-26_3cb541e6448c73c650f9c3f155a7751e_cobalt-strike_ryuk.exe

  • Size

    2.2MB

  • MD5

    3cb541e6448c73c650f9c3f155a7751e

  • SHA1

    0d474f003d8da858b7b316dff26cd6db03f185f7

  • SHA256

    37588354b797b9b7c084e4406bc19fe031a73a3cd75b8aaa98339c4bf1008ecc

  • SHA512

    b9b8a17b78b67c636e8201c200957cee86958b51ea86468a32b4d67bd14919be39d6a3fec1067c7c724c5c292b8cb562b0158bdcefe116b7ff5cf6458fda8e70

  • SSDEEP

    49152:saDuxcUNYHOnWyRGO+nWuquOLRPp61Yfq/7FV6zUCSJVUgXPr:d/yRfndq5KUzPr

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-07-26_3cb541e6448c73c650f9c3f155a7751e_cobalt-strike_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-07-26_3cb541e6448c73c650f9c3f155a7751e_cobalt-strike_ryuk.exe"
    1⤵
      PID:1424

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1424-0-0x00000000008D0000-0x0000000000930000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1424-6-0x00000000008D0000-0x0000000000930000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1424-12-0x0000000140000000-0x000000014024E000-memory.dmp

      Filesize

      2.3MB

      Download

    • memory/1424-9-0x00000000008D0000-0x0000000000930000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1424-8-0x0000000140000000-0x000000014024E000-memory.dmp

      Filesize

      2.3MB

      Download