Analysis
max time kernel: 148s
max time network: 151s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 05/08/2024, 09:41
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: 2024-08-05_d051531905ab2989287abc461a00ef90_ryuk.exe
Resource: win7-20240704-en
0 signatures
150 seconds

Behavioral task: behavioral2
Sample: 2024-08-05_d051531905ab2989287abc461a00ef90_ryuk.exe
Resource: win10v2004-20240802-en
1 signatures
150 seconds
General
Target: 2024-08-05_d051531905ab2989287abc461a00ef90_ryuk.exe
Size: 1.5MB
MD5: d051531905ab2989287abc461a00ef90
SHA1: 2af0dadbb4b95220f280eddee622dc73b51837ce
SHA256: b916323d6fda7b32747be721811656fcd18fb0ca88b10f615024be268abec570
SHA512: 516720a51c2a1821203bd2444ce986459dc7e5566b9ea8bbf9c7f4f1b47316781746c16bc9ed4078469bdbb4a5951f07e9c8870e2df53f11ff2026ae70bfb3c2
SSDEEP: 12288:yOb3A4LWOsvAYFTHMTmkJR4Do07Y86gw5CtCjX+NLuFhNpBeZT3X:jTL3UTsSkQ/7Gb8NLEbeZ
Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (1 IoCs)
description: Token: SeTakeOwnershipPrivilege
pid: 2020
Process: 2024-08-05_d051531905ab2989287abc461a00ef90_ryuk.exe