5ef87870db926d11beb2c143384d543781eff6450b3223f2477f06b7b3b20cb8 | Triage

Analysis

max time kernel
117s
max time network
118s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
25-08-2024 21:32

Sharing

Report Analysis Logs

General

Target

2024-08-25_537b6d2a0aa5ee23938f37cac22734f4_ryuk.exe
Size

388KB
MD5

537b6d2a0aa5ee23938f37cac22734f4
SHA1

ec5d93942d097518d26abb329ed87661fe971926
SHA256

5ef87870db926d11beb2c143384d543781eff6450b3223f2477f06b7b3b20cb8
SHA512

009f4e65bda8a0e3ac24123c3d8d8b6f69aff9468bf0325512b7f4cc4fc881eb5e68bea49a5299b93a628f031a41e006f4a244ad95ff9eca080c82f8d8c070b3
SSDEEP

12288:nrdaMzViU0JbvWJncfoQgwrp64ufPuFXZ:nrdaMuvWJncfUMp64ufmFXZ

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Users\Admin\AppData\Local\Temp\2024-08-25_537b6d2a0aa5ee23938f37cac22734f4_ryuk.exe
"C:\Users\Admin\AppData\Local\Temp\2024-08-25_537b6d2a0aa5ee23938f37cac22734f4_ryuk.exe"
1⤵
PID:1908

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads