Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-10-05_5c5caa62947625786642442365ede125_cobalt-strike_ryuk
-
Size
5.4MB
-
Sample
241005-ynh2ca1cjq
-
MD5
5c5caa62947625786642442365ede125
-
SHA1
c19377c42c3a30f2506a058e1cd687cb7aa248db
-
SHA256
13c88eb1100197a2db5ac09f33134f09e4ed9b3414d2ad33dd1bb41f9f63816a
-
SHA512
70940ccd56b45bb7eb9c4a598a6df8c4e81faae5792765e09be8730640ea26823b659177f79e6c614ed8a35789140abb45a3994ef45d7895b45d19437fa4b26c
-
SSDEEP
49152:w0kwIi7c4xZlm5knEtw99Kn/2vim7vgv6m+yyJ/0gbvjy7yY7BHi3u7L/gBUUWL0:2wfhY7g/rLO7yYA3awr341gAD527BWG
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-05_5c5caa62947625786642442365ede125_cobalt-strike_ryuk.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
2024-10-05_5c5caa62947625786642442365ede125_cobalt-strike_ryuk
-
Size
5.4MB
-
MD5
5c5caa62947625786642442365ede125
-
SHA1
c19377c42c3a30f2506a058e1cd687cb7aa248db
-
SHA256
13c88eb1100197a2db5ac09f33134f09e4ed9b3414d2ad33dd1bb41f9f63816a
-
SHA512
70940ccd56b45bb7eb9c4a598a6df8c4e81faae5792765e09be8730640ea26823b659177f79e6c614ed8a35789140abb45a3994ef45d7895b45d19437fa4b26c
-
SSDEEP
49152:w0kwIi7c4xZlm5knEtw99Kn/2vim7vgv6m+yyJ/0gbvjy7yY7BHi3u7L/gBUUWL0:2wfhY7g/rLO7yYA3awr341gAD527BWG
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1