General
Target: 2024-10-18_191b51a6c776ae3e80f3d4a4e0fc7c2a_cobalt-strike_ryuk
Size: 4.8MB
Sample: 241018-bvyztaybmb
MD5: 191b51a6c776ae3e80f3d4a4e0fc7c2a
SHA1: 99f325838412867a0141c454229fde8de7dc47ae
SHA256: bda264b64178257ee2590c8c3fedeee851322a8f03a8eac970ea3c36c3822524
SHA512: b442c6c3718b3de89afde6e22b0b07c09d4ce3a52d3be92a2b55e0ccfcb9d55023325a30f6996ecb03c2921325358bc662046ba2200e6ec209258ab25020c56f
SSDEEP: 49152:Qj8f3jtqiCLg9LK2hIOR+k9jdAsizqxSiZ4K5MZqkL92c6nkdmbD7iIerM1R6ZP6:7rZ4K5M+XD7iIewG+x6xZ14WB2Yyjl
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-18_191b51a6c776ae3e80f3d4a4e0fc7c2a_cobalt-strike_ryuk.exe
Resource: win7-20241010-en
Malware Config
Targets
Target: 2024-10-18_191b51a6c776ae3e80f3d4a4e0fc7c2a_cobalt-strike_ryuk
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)