General
Target
2025-07-02_dfb93b4ec1dc45746155ca66c57c1d06_black-basta_mespinoza_ryuk
Size
1.7MB
Sample
250702-xk71ma1js9
MD5
dfb93b4ec1dc45746155ca66c57c1d06
SHA1
67c37b6d3a3d150cb03a2ff9c7fd71537653e6ec
SHA256
51f6973b327ee528f924b28dbf224008f4f5d9b8cd0d75510385f728316c5b68
SHA512
bdcc7603c68d215040594da21de18b87ad97a992815b1738efbf49c73fe02ef5356e7cfebb7a70acbf5e589810bb337fd6cbac51f518051e89cce900000a5f72
SSDEEP
24576:G3oHrGhNF4Xx7Ab/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:QoHgFEBAbLNiXicJFFRGNzj3
Static task
static1
Behavioral task
behavioral1
Sample
2025-07-02_dfb93b4ec1dc45746155ca66c57c1d06_black-basta_mespinoza_ryuk.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
2025-07-02_dfb93b4ec1dc45746155ca66c57c1d06_black-basta_mespinoza_ryuk.exe
Resource
win11-20250610-en
Malware Config
Targets
Target
2025-07-02_dfb93b4ec1dc45746155ca66c57c1d06_black-basta_mespinoza_ryuk
Score
7/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
Executes dropped EXE
Drops file in System32 directory