f3a622b84e632e255797fa2f7da9de8e05bc523931da6e9327dc1db8171d69aa | Triage

Submit
Reports

Overview

overview

Static

static

SolarWinds...er.dll

windows7_x64

1

SolarWinds...er.dll

windows10_x64

1

Analysis

max time kernel
12s
max time network
113s
platform
windows10_x64
resource
win10v20201028
submitted
28-12-2020 05:50

Sharing

Static task

static1

backdoor sunburst

Behavioral task

behavioral1

Sample

SolarWinds.Orion.Core.BusinessLayer.dll

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SolarWinds.Orion.Core.BusinessLayer.dll

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

SolarWinds.Orion.Core.BusinessLayer.dll
Size

1005KB
MD5

fc8e4ed4d3a90ab61ef6af99443273e3
SHA1

8ead132e3a3bc4a09685f807c53317cb1c127cb1
SHA256

f3a622b84e632e255797fa2f7da9de8e05bc523931da6e9327dc1db8171d69aa
SHA512

f39657cc28042f2225cdc80ce304ca77b652394f8072e3fc2c29ecd9d855c505909e8cc677b48f7ebfca82aa0b8af99280f09118e9ad865dc663e1a199735e9f

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\SolarWinds.Orion.Core.BusinessLayer.dll,#1
1⤵
PID:3584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy