General
-
Target
2024-10-21_04bedba7cc8675a69948432cfa66b753_cobalt-strike_ryuk
-
Size
4.8MB
-
Sample
241021-ldp1paybja
-
MD5
04bedba7cc8675a69948432cfa66b753
-
SHA1
549438cb9e9c741d1ae20653ece482839c0cc3cf
-
SHA256
b73d5c448f3a4ce8b939fd089f218251cf8a51e216b818bdf7893352134cee40
-
SHA512
f08c35bdd834d29e3d687b5443e6a18feed9375749087359943b6dcb3b960923d590af7df57a428ea3b9af38a33e38d7c2e5fb956baf70efc2a52377cb7d32d9
-
SSDEEP
49152:Xj8f3jtqiCLg9LK2hIOR+k9jdAsizqxSiZ4K5MZqkL92c6nkdmbD4iIerM1R6ZPJ:wrZ4K5M+XD4iIewG+x6xZ14MTVD9
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-21_04bedba7cc8675a69948432cfa66b753_cobalt-strike_ryuk.exe
Resource
win7-20240903-en
Malware Config
Targets
-
Target
2024-10-21_04bedba7cc8675a69948432cfa66b753_cobalt-strike_ryuk
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1
Credentials from Web Browsers
1
Unsecured Credentials
1
Credentials In Files
1