General
-
Target
2025-01-19_6331546946746cdb03702f23e38aab46_cobalt-strike_ryuk
-
Size
5.4MB
-
Sample
250119-ys6m7stqdj
-
MD5
6331546946746cdb03702f23e38aab46
-
SHA1
72024b3d186192441b010f0e904997671c3f6d6a
-
SHA256
4415ea1801a72507503a642fd84aeba529269b079edc2c522fba9d01b4acf320
-
SHA512
db93e5d734150b04ec6f2985a47ae31d2c7ce0bcc91d4b8b6a8f20a3fcf9f753a123dd6bbbd7e37e1c08d044007f5202ef53074293c4f9b814f7f9be6d28e369
-
SSDEEP
49152:50kwIi7c4xZlm5knEtw99Kn/2vim7vgv6m+yyJ/0gbvjy7yY7BHi3u7L/gBUUWL8:JwfhY7g/rLO7yYA3awr341g4D527BWG
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-19_6331546946746cdb03702f23e38aab46_cobalt-strike_ryuk.exe
Resource
win7-20240903-en
Malware Config
Targets
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1