E:\qunfeng\HidMouse-Skins(7Key)_GXT160\HidMouse-Skins(7Key)\x64\Release\HidMouse.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-10-03_d46d065ab60526e7e04686fda6ec7d47_ryuk.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-10-03_d46d065ab60526e7e04686fda6ec7d47_ryuk.exe
  Resource: win10v2004-20240802-en
General
Target: 2024-10-03_d46d065ab60526e7e04686fda6ec7d47_ryuk
Size: 3.2MB
MD5: d46d065ab60526e7e04686fda6ec7d47
SHA1: 572eef8536d7f4bdae14cb68a927786fdbc178bc
SHA256: 00f95e29f281dd4175a7980ce6636f2b23d5d0a7028f14752a2e8de34eb4a967
SHA512: fd0ad2d5da9d47ace557d06b208ff9da53c0736b8c5a8d0f2b2825623c31732c9e50be50b72918a1486da4c555552de7c25ba97fbf5dfc9a63f173b8bacaf35c
SSDEEP: 49152:gjJ64claag0gvu5q0RBD9AKapkOLStZ2qMWIvUO8oHGhHa6Ge1UVnUXO3MES9pjT:trVd+UGUrXdpO/MuQt
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 2024-10-03_d46d065ab60526e7e04686fda6ec7d47_ryuk
The missing Authenticode signature is the only signature hit on this report, and it only says the file carries no certificate table; it says nothing about what the code does. The PDB path (HidMouse.pdb built under HidMouse-Skins(7Key)_GXT160) and the hid/setupapi imports (SetupDiEnumDeviceInterfaces, HidD_GetFeature, HidD_SetFeature) next to a large GDI/GDI+/user32 surface are what a HID mouse configuration GUI looks like. The "_ryuk" suffix is part of the submitted filename, not a detection made by the sandbox. The user32 imports do include SetWindowsHookExW and CallNextHookEx together with GetAsyncKeyState, GetKeyboardState and ToUnicodeEx, which is keyboard-hook capability; a key-remapping utility legitimately needs it, but it should be checked against the behavioral task output rather than assumed benign.
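The "Unsigned PE" check above, plus the DLL Characteristics and section flags reported further down, can be reproduced from the PE headers with nothing but the standard library. The following is an added example, not code from the sandbox or from the analysed program: parse_pe reads the COFF header, optional header and section table, is_authenticode_signed tests whether the security data directory (index 4, the certificate table) is populated, which is the same presence-only test the signature makes and not a signature verification, and writable_executable_sections flags W+X sections, which this sample does not have but which is worth printing on every report. build_sample_pe is a constructed minimal PE32+ header that mirrors the report's flags (x64, EXECUTABLE_IMAGE|LARGE_ADDRESS_AWARE, HIGH_ENTROPY_VA|DYNAMIC_BASE|NX_COMPAT|TERMINAL_SERVER_AWARE, a .text and a .data section) because the sample itself is not shipped with this page; the offsets 0x3000/0x1800 used for the "signed" variant are invented for the test.

```python
"""Static checks behind the report's "Unsigned PE" signature, DllCharacteristics
and section flags, using only the standard library (no pefile).
build_sample_pe() constructs a minimal PE32+ header for the example."""
import struct
import sys

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA", 0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # certificate table (Authenticode)


def parse_pe(data: bytes) -> dict:
    """Read the COFF header, optional header data directories and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x20B:                      # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    elif magic == 0x10B:                    # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    dirs = [struct.unpack_from("<II", data, dirs_off + 8 * i) for i in range(ndirs)]
    sections = []
    for i in range(nsec):                   # 40-byte IMAGE_SECTION_HEADER entries follow the optional header
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": f[0].rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": f[1], "raw_size": f[3], "flags": f[9]})
    return {"machine": machine, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "directories": dirs, "sections": sections}


def is_authenticode_signed(pe: dict) -> bool:
    """Presence-only check: a non-empty security directory means a WIN_CERTIFICATE
    blob is attached. It does not validate the signature or its chain."""
    dirs = pe["directories"]
    if len(dirs) <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return False
    offset, size = dirs[IMAGE_DIRECTORY_ENTRY_SECURITY]
    return offset != 0 and size != 0


def flag_names(value: int, table: dict) -> list:
    """Decode a bitmask into the constant names listed in table, lowest bit first."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def writable_executable_sections(pe: dict) -> list:
    """Sections that are both MEM_WRITE and MEM_EXECUTE: common in packed files, absent in plain MSVC output."""
    return [s["name"] for s in pe["sections"] if s["flags"] & 0x80000000 and s["flags"] & 0x20000000]


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed PE32+ header mirroring the report's flags; not the real sample."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                               # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 240, 0x0022)      # x64, 2 sections, EXECUTABLE_IMAGE|LARGE_ADDRESS_AWARE
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                               # PE32+ magic
    struct.pack_into("<Q", opt, 24, 0x140000000)                        # ImageBase
    struct.pack_into("<II", opt, 32, 0x1000, 0x200)                     # SectionAlignment, FileAlignment
    struct.pack_into("<HH", opt, 68, 2, 0x8160)                         # GUI subsystem; HIGH_ENTROPY_VA|DYNAMIC_BASE|NX_COMPAT|TS_AWARE
    struct.pack_into("<I", opt, 108, 16)                                # NumberOfRvaAndSizes; all directories stay zero
    if signed:                                                          # hypothetical certificate table at offset 0x3000, 0x1800 bytes
        struct.pack_into("<II", opt, 112 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x3000, 0x1800)
    text = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    data = struct.pack("<8sIIIIIIHHI", b".data", 0x100, 0x2000, 0x200, 0x1400, 0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + text + data


def run_checks(data: bytes) -> dict:
    """Everything the report shows in one dict, so it can be diffed against the sandbox output."""
    pe = parse_pe(data)
    return {"authenticode": is_authenticode_signed(pe),
            "dll_characteristics": flag_names(pe["dll_characteristics"], DLL_CHARACTERISTICS),
            "sections": [(s["name"], flag_names(s["flags"], SECTION_FLAGS)) for s in pe["sections"]],
            "w+x_sections": writable_executable_sections(pe)}


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for key, value in run_checks(blob).items():
        print(key, value)
```

Run it with the sample's path as the first argument to compare against the report; without an argument it runs on the constructed header. A True from is_authenticode_signed only means a certificate table exists; validating it (signtool verify, or Get-AuthenticodeSignature in PowerShell) is a separate step, and an unsigned x64 GUI binary built with ASLR, high-entropy VA and DEP is what an ordinary MSVC release build looks like, so this flag alone should not drive a verdict.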
Files
-
2024-10-03_d46d065ab60526e7e04686fda6ec7d47_ryuk.exe windows:6 windows x64 arch:x64
15487615572534b498374021b4b385a7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\qunfeng\HidMouse-Skins(7Key)_GXT160\HidMouse-Skins(7Key)\x64\Release\HidMouse.pdb
Imports
gdiplus
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageI
GdipDeleteGraphics
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdiplusShutdown
hid
HidD_GetAttributes
HidP_GetCaps
HidD_SetFeature
HidD_GetFeature
HidD_GetPreparsedData
setupapi
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
user32
EqualRect
EnableWindow
UnhookWindowsHookEx
GetClientRect
DrawTextW
SetWindowsHookExW
PtInRect
CallNextHookEx
GetKeyNameTextW
SendMessageW
GetFocus
InvalidateRect
GetCursorPos
WindowFromPoint
ScreenToClient
GetDC
ReleaseDC
TabbedTextOutW
DrawTextExW
GrayStringW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffW
SetMenuDefaultItem
LockWindowUpdate
WaitMessage
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
PostThreadMessageW
UnionRect
FrameRect
CopyIcon
SetCursorPos
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetParent
SetWindowRgn
SetClassLongPtrW
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
RegisterClipboardFormatW
ReuseDDElParam
GetAsyncKeyState
CopyImage
SetRectEmpty
DeleteMenu
SetTimer
KillTimer
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
DestroyAcceleratorTable
TrackPopupMenu
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UnregisterClassW
MoveWindow
OffsetRect
DispatchMessageW
TranslateMessage
ReleaseCapture
GetMessageW
MapWindowPoints
SetCapture
MessageBoxW
GetSubMenu
ModifyMenuW
LoadMenuW
GetDoubleClickTime
SystemParametersInfoW
LoadImageW
PostMessageW
SetForegroundWindow
AppendMenuW
CreatePopupMenu
DrawIcon
GetSystemMetrics
IsIconic
RegisterDeviceNotificationW
BringWindowToTop
TrackMouseEvent
ChangeWindowMessageFilter
LoadIconW
RegisterClassW
GetClassInfoW
IsWindow
GetWindowRect
GetParent
InflateRect
GetMenuDefaultItem
CharUpperW
DestroyIcon
MessageBeep
GetNextDlgGroupItem
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
GetSysColor
FillRect
IsWindowEnabled
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
GetDesktopWindow
RegisterWindowMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgCtrlID
SetFocus
GetKeyState
GetCapture
GetMenu
SetMenu
SendDlgItemMessageA
UpdateWindow
GetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
CopyRect
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetClassNameW
GetTopWindow
GetWindow
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
SetDlgItemTextW
CheckDlgButton
SendDlgItemMessageW
SetWindowTextW
IsDialogMessageW
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetCursor
DestroyMenu
GetMenuItemInfoW
MapVirtualKeyW
IntersectRect
RealChildWindowFromPoint
GetSysColorBrush
LoadCursorW
IsRectEmpty
kernel32
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
GlobalFlags
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GlobalAddAtomW
GetThreadLocale
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
DeleteFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
FindFirstFileW
IsDebuggerPresent
GetStartupInfoW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetCurrentThreadId
EncodePointer
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
OutputDebugStringA
WideCharToMultiByte
SetLastError
CopyFileW
FormatMessageW
LocalFree
GlobalSize
GetCurrentProcessId
MulDiv
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
GetTickCount
MultiByteToWideChar
WriteFile
Sleep
GetOverlappedResult
WaitForSingleObject
ReadFile
ResetEvent
SetEvent
CreateFileW
GetPrivateProfileSectionNamesW
GetModuleFileNameW
WritePrivateProfileStringW
FreeResource
CloseHandle
GetPrivateProfileStringW
SuspendThread
ResumeThread
CreateEventW
lstrcpyW
CreateMutexW
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersion
InitializeCriticalSectionEx
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FindClose
FileTimeToLocalFileTime
InitializeSListHead
GetPrivateProfileIntW
OutputDebugStringW
RtlPcToFileHeader
RtlUnwindEx
GetSystemInfo
VirtualAlloc
VirtualQuery
ExitProcess
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
lstrcmpA
GetVersionExW
GetCurrentThread
SetThreadPriority
GetSystemDirectoryW
GlobalFindAtomW
GetACP
LCMapStringW
GetStringTypeW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GlobalGetAtomNameW
gdi32
CreatePolygonRgn
Ellipse
CreateEllipticRgn
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
Polygon
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
GetRgnBox
Polyline
CreateDIBitmap
CreateRoundRectRgn
LPtoDP
GetTextColor
GetBkColor
GetTextMetricsW
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
PatBlt
CreateRectRgnIndirect
GetTextExtentPoint32W
CreateFontIndirectW
CreateDCW
CopyMetaFileW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetViewportOrgEx
GetTextFaceW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetDeviceCaps
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDIBColorTable
StretchBlt
CreateSolidBrush
CreateFontW
CreateDIBSection
GetObjectW
SetDIBColorTable
DeleteDC
DeleteObject
SelectObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetWindowOrgEx
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegCloseKey
shell32
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetDesktopFolder
comctl32
_TrackMouseEvent
InitCommonControlsEx
shlwapi
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindExtensionW
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
oleaut32
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SafeArrayDestroy
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysAllocString
LoadTypeLi
SysStringLen
SysFreeString
oledlg
OleUIBusyW
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 715KB - Virtual size: 714KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ