General

Target: 2024-11-08_45afb8e093b7ab1794807114d9f16653_cobalt-strike_ryuk
Size: 6.2MB
Sample: 241108-rsk8yawndm
MD5: 45afb8e093b7ab1794807114d9f16653
SHA1: 5cc5e6fe4dc873c4a8e9e4e5611547fc6d1e5380
SHA256: e65364d8dd1047eabfa29eb8b08970d0571c03edc9cd4d0094ad11a548a98f14
SHA512: 06f1bf52592a182644a904def75e4f3b74df73c879bb30242892cd6fda07907872fc2c3135972262538ae00b05d04ca05e13b30560ed68b17ed829b9881025d2
SSDEEP: 98304:naNewOzj/0I/v7lyCsDkV/i+3Kf7SWD527BWG:namRxsDt+3KfBVQBWG
Static task
static1
Malware Config
Targets
Target: 2024-11-08_45afb8e093b7ab1794807114d9f16653_cobalt-strike_ryuk
Executes dropped EXE

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Drops file in System32 directory