Overview

overview

10

Static

static

3

2025-03-06...uk.exe

windows7-x64

1

2025-03-06...uk.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-06_6c00c2a4a51ab0484b32a1e699e8f403_ryuk

  • Size

    691KB

  • Sample

    250306-yg1ykswtdt

  • MD5

    6c00c2a4a51ab0484b32a1e699e8f403

  • SHA1

    65a5b0724a754ff9aa549ec6ff3affec8bdd4af0

  • SHA256

    753c41c1213c462834a990476d9c327050176509eae093a574190d3726fe8cb0

  • SHA512

    e39b8bb555771725ca45d027cc32c40e34f0ec95baaf7069f91b20735d9fd1ea2fdb0e26a91d6ed191065f577a5e535eb660d54c9f121691f138d84b356843c1

  • SSDEEP

    6144:jN30RyG9seFais9ybKzf+kFLLdOauLSAers509xJTtP7/F30rJyQBK2T7ge:jN309ais9yGznF+LSAewy9MrJAU/

Score
10/10
azovpersistenceransomwarewiper

Malware Config

Targets

    • Target

      2025-03-06_6c00c2a4a51ab0484b32a1e699e8f403_ryuk

    • Size

      691KB

    • MD5

      6c00c2a4a51ab0484b32a1e699e8f403

    • SHA1

      65a5b0724a754ff9aa549ec6ff3affec8bdd4af0

    • SHA256

      753c41c1213c462834a990476d9c327050176509eae093a574190d3726fe8cb0

    • SHA512

      e39b8bb555771725ca45d027cc32c40e34f0ec95baaf7069f91b20735d9fd1ea2fdb0e26a91d6ed191065f577a5e535eb660d54c9f121691f138d84b356843c1

    • SSDEEP

      6144:jN30RyG9seFais9ybKzf+kFLLdOauLSAers509xJTtP7/F30rJyQBK2T7ge:jN309ais9yGznF+LSAewy9MrJAU/

    Score
    10/10
    azovpersistenceransomwarewiper

    • Azov

      A wiper seeking only damage, first seen in 2022.

      ransomwarewiperazov

    • Azov family

      azov

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks