General
-
Target
2024-10-21_1afe7f957d16cd7ed55657f37e1da31a_cobalt-strike_ryuk
-
Size
4.8MB
-
Sample
241021-lgbx8szfrj
-
MD5
1afe7f957d16cd7ed55657f37e1da31a
-
SHA1
275724a973f0f10d38c5f092f8bc31749fc33686
-
SHA256
ebac18f33b85da724df95f5387008124c7f78abb432ef3fbf3d6bf2456e1f661
-
SHA512
a8d16fdf41358e2cde4070ac431679bb119e1f50cdfc0b6af6ab753e5ef3b89c1259f6bdf0a1bb85ec8abd63dd2bce6ffd3a7bb5521942979c5d1ca684be43a8
-
SSDEEP
49152:rj8f3jtqiCLg9LK2hIOR+k9jdAsizqxSiZ4K5MZqkL92c6nkdmbD7iIerM1R6ZPn:0rZ4K5M+XD7iIewG+x6xZ14pB2Yyjl
Static task
static1
Behavioral task
behavioral1
Sample
2024-10-21_1afe7f957d16cd7ed55657f37e1da31a_cobalt-strike_ryuk.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
2024-10-21_1afe7f957d16cd7ed55657f37e1da31a_cobalt-strike_ryuk
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1
Credentials from Web Browsers
1
Unsecured Credentials
1
Credentials In Files
1