sunburst | SolarWinds[.]Orion[.]Core[.]BusinessLayer[.]dll | Triage

Sharing

General

Target

SolarWinds.Orion.Core.BusinessLayer.dll
Size

991KB
MD5

553bb0993c7261e1b1adfb92ecfaf9f2
SHA1

de850f75f4e4d9491cb624e5af5fa1ce1a6438d0
SHA256

42e73c85b07d89956e94db832d6501c823ae00684c50d9c9163194357c3dd3ed
SHA512

b4f74e2d852367909e407c2fa14763dcc6f341ee1a56ec5e7afa3d06439634a45f5433ad555cf72eaa4547bc27b6e4009dca0eab7740d34d7bee4fc34ba4c52c

Score

10^/10

backdoor sunburst

Malware Config

Signatures

Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
backdoor

Processes:

resource yara_rule

sample family_sunburst
Sunburst family
sunburst

Files

SolarWinds.Orion.Core.BusinessLayer.dll
.dll windows x86