General
-
Target
2024-11-04_ec700c3842922cf0a2d87d32197ca8e8_ryuk
-
Size
3.9MB
-
Sample
241104-chsspszlaz
-
MD5
ec700c3842922cf0a2d87d32197ca8e8
-
SHA1
036c3789c9b2421093b016b496ff4e404ceebbba
-
SHA256
c543e901d8a9dd6f506f2b0462c79c9ff09bbf9ab35fa21bc7bdccde6adf87d4
-
SHA512
9947a48e42b286a19a3529f34975ae31c76d7bf4ac281afeda193ec0c215de071676b6e9f0ea4deff7b837771214956200b2a3993d578bd25a9e98bc2c0fe79f
-
SSDEEP
98304:EywnSi6rUVpcSjqj5tHndKfbiHzRylM2sUCcnbHJK:EvS92nq1tH2Uz8zsmbHk
Behavioral task
behavioral1
Sample
2024-11-04_ec700c3842922cf0a2d87d32197ca8e8_ryuk.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
2024-11-04_ec700c3842922cf0a2d87d32197ca8e8_ryuk.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
cobaltstrike
http://user.z081.com:2053/hoU1
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)
Targets
-
-
Target
2024-11-04_ec700c3842922cf0a2d87d32197ca8e8_ryuk
Score
10/10
-
Cobaltstrike family
-
Loads dropped DLL
-