General
Target
2024-06-28_21cb548b5c4adfd61de94401705c7c7c_cobalt-strike_ryuk
Size
133KB
Sample
240628-3pd61avglb
MD5
21cb548b5c4adfd61de94401705c7c7c
SHA1
f4223a790bba82bb42a93fe6ad3b3fae1a48edb5
SHA256
f3dcf92555004bd3f6ee9b48bcb1f8d6a249828219d18054bbb2a82d8c86a790
SHA512
feaf60fb4a3a1deb09227ab2ff6f749698405df112682a78c20216006b56db2a7e443bb556440953c87c2f95bf3b1023eb79a5d0d56dafdebdbc0c3924744b8b
SSDEEP
3072:QQcN/pB0CKt0dtM9sJUU/Bd+wYj/6oflZ6Bu:/qH0tUkEBY+
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-28_21cb548b5c4adfd61de94401705c7c7c_cobalt-strike_ryuk.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
2024-06-28_21cb548b5c4adfd61de94401705c7c7c_cobalt-strike_ryuk.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
cobaltstrike
http://150.158.38.230:443/De05ceda-acc9-4018-8252-d574e1d1e630.zip
user_agent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/532.31 (KHTML, like Gecko) Chrome/118.1.3.5 Safari/517.36
Connection: Keep-Alive
Host: updatetime.msn.cn
Targets
Target
2024-06-28_21cb548b5c4adfd61de94401705c7c7c_cobalt-strike_ryuk
Score
10/10