General
-
Target
2024-11-08_259ed8b436e06e9d0a46973979f1c308_cobalt-strike_ryuk
-
Size
3.2MB
-
Sample
241108-sd48yavajd
-
MD5
259ed8b436e06e9d0a46973979f1c308
-
SHA1
8755d1c6fc9cb7eec87175e2f327964e61d85681
-
SHA256
44a4a04dea7eca8a5909b42900a0367f3bd9c188e660e705bcdb12345ab4b509
-
SHA512
738fe89a19ce52f10156fd0ee3189b9a9e302e735ed4232228b733db0425c9641e216482aff636cf18de9e56a19ef8195d2c103a18e8b883aef88f5d06231931
-
SSDEEP
49152:V5k1YCdptya507NUUWn043oHS3fTIYwVq1/xT3DDbw0TUqypkQ/qoLEw:1NhSMYw8yBqo4w
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-08_259ed8b436e06e9d0a46973979f1c308_cobalt-strike_ryuk.exe
Resource
win7-20240729-en
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1
Credentials from Web Browsers
1
Unsecured Credentials
1
Credentials In Files
1