General
-
Target
2025-01-31_c709fcc8767c92ca14f080705c228931_ryuk
-
Size
1.4MB
-
Sample
250131-ast3eawphw
-
MD5
c709fcc8767c92ca14f080705c228931
-
SHA1
8508209071f716c458a0db37b8aeea8af506fcd9
-
SHA256
02f0b0afafe30a1919124d206216267689456712153d62fb0c1a701ba798420e
-
SHA512
10f9cd08a78e1d26fa7ff648356a11a6072fac65a36e3bf806e800b53e070f509cc0e96359e539597874f39762de6ab09652ca63f019250e4f1c2a3224923226
-
SSDEEP
24576:CnVWepdnTz8+a2rEok143lqFcxM9q3N2fVevgw5Z0NBti3a:CnVWUNz8KrEo4PFcx4qd2fOgwf0NBn
Static task
static1
Behavioral task
behavioral1
Sample
2025-01-31_c709fcc8767c92ca14f080705c228931_ryuk.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2025-01-31_c709fcc8767c92ca14f080705c228931_ryuk.exe
Resource
win10v2004-20250129-en
Malware Config
Extracted
C:\Program Files\7-Zip\Lang\RESTORE_FILES.txt
azov
Targets
Target
2025-01-31_c709fcc8767c92ca14f080705c228931_ryuk
-
Score
10/10
-
Azov family
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-