General
Target: 2025-07-04_a3b88fed5efaa595f25b6ee55e7487d1_black-basta_mespinoza_ryuk
Size: 1.0MB
Sample: 250704-ns3w7sdp8z
MD5: a3b88fed5efaa595f25b6ee55e7487d1
SHA1: be326c330c46e3c466c3fe198bc9a7ffb890eb86
SHA256: 4b53591f1eeff266f131b787a97cb064c304330acacf1b463b0ec63d62242443
SHA512: 1a18c9f8f1ba1719537fdfe71c53569839a44c4513fdaa9c258094c95088ca34bea4728a8b347724397b7a2600530a8ee6f36a823d14cb94a86bee6d7752417c
SSDEEP: 24576:ziBE0GqwXeAVmYl/i328ab4F+rM/aXq6bJfBUam6:3f5Xe6Xl/i3da1YS6ozB
Static task: static1
Behavioral task: behavioral1
Sample: 2025-07-04_a3b88fed5efaa595f25b6ee55e7487d1_black-basta_mespinoza_ryuk.exe
Resource: win10v2004-20250619-en
Malware Config
Targets
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Drops file in System32 directory
-