General
Target: 2024-06-28_5a50f7d436472f8c906603b01122c943_cobalt-strike_ryuk
Size: 133KB
Sample: 240628-2bdsmswhqk
MD5: 5a50f7d436472f8c906603b01122c943
SHA1: aceedd3f3516f8d445c6432e11cb56679ab2c1be
SHA256: 89a358150a85cbde100bceaefbad054178494c832880d89ff23cca6e66a71442
SHA512: 0b19e448912fe763a45f67ddfa821b9aff80017cb7800cc9abf1f54369d0385248d2a10bfb57408f53f783336d2c1f07a417b9d1518e7eaf39f6f6ea9229d6f6
SSDEEP: 3072:o+TdWkvqPMDnxsqlOuNMHEJmCYUffj+LjM:o0Wu4a3AEg7
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-28_5a50f7d436472f8c906603b01122c943_cobalt-strike_ryuk.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-06-28_5a50f7d436472f8c906603b01122c943_cobalt-strike_ryuk.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
cobaltstrike
http://150.158.38.230:443/De05ceda-acc9-4018-8252-d574e1d1e630.zip
user_agent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/532.31 (KHTML, like Gecko) Chrome/118.1.3.5 Safari/517.36
Connection: Keep-Alive
Host: updatetime.msn.cn
Targets
Target: 2024-06-28_5a50f7d436472f8c906603b01122c943_cobalt-strike_ryuk
Score: 10/10