Overview

overview

3

Static

static

3

2024-09-19...uk.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/09/2024, 07:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-09-19_01c1a7c1a87a41b4168786791245bd23_cobalt-strike_ryuk.exe

  • Size

    1.3MB

  • MD5

    01c1a7c1a87a41b4168786791245bd23

  • SHA1

    c2110fd75e8d9d3f6c8c1684e80e23a6022ef909

  • SHA256

    5bd2674212969824d6d0b8da145a549ea60ce6f86227731d88476c20c33233f5

  • SHA512

    e90f8d931e4513fbc04d7de78add13409bba7b7dc542bc5bb3a08c7c75a036fb9a874360d8c026d7ac8e0ac97de566b2be25dd6e9c306de0ba7f78f7ae379fa1

  • SSDEEP

    12288:vsixPwEsHuXzTXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDR:vZFwVuDTsqjnhMgeiCl7G0nehbGZpbD

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-09-19_01c1a7c1a87a41b4168786791245bd23_cobalt-strike_ryuk.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-09-19_01c1a7c1a87a41b4168786791245bd23_cobalt-strike_ryuk.exe"
    1⤵
      PID:1872

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1872-0-0x0000000000D10000-0x0000000000D70000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1872-9-0x0000000000D10000-0x0000000000D70000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1872-7-0x0000000000D10000-0x0000000000D70000-memory.dmp

      Filesize

      384KB

      Download

    • memory/1872-8-0x0000000140000000-0x0000000140155000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/1872-12-0x0000000140000000-0x0000000140155000-memory.dmp

      Filesize

      1.3MB

      Download