9b11711efed24b3c6723521a7d7eb4a52e4914db7420e278aa36e727459d59dd | Triage

Submit
Reports

Overview

overview

Static

static

revil_kasaya.exe

windows7_x64

1

revil_kasaya.exe

windows10_x64

Resubmissions

06-07-2021 11:37

210706-p53qbr7qe2 10

05-07-2021 18:31

210705-amslxqt9ea 10

04-07-2021 17:07

210704-587ycgna36 10

04-07-2021 16:29

210704-d622hysdcx 10

03-07-2021 14:55

210703-cggr9ffskx 10

Analysis

max time kernel
2s
max time network
33s
platform
windows7_x64
resource
win7v20210410
submitted
03-07-2021 14:55

Sharing

Static task

static1

$2a$12$prox/4ekl8zrpgsc5lnhpecevs5nockouw5r3s4jjydnzzsghvbkq 8254 sodinokibi

Behavioral task

behavioral1

Sample

revil_kasaya.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

revil_kasaya.exe

Resource

win10v20210408

evasion ransomware

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

revil_kasaya.exe
Size

136KB
MD5

94d087166651c0020a9e6cc2fdacdc0c
SHA1

99be22569ba9b1e49d3fd36f65faa6795672fcc0
SHA256

9b11711efed24b3c6723521a7d7eb4a52e4914db7420e278aa36e727459d59dd
SHA512

0f5a413e57e4cedf0a8df3b33cda3c2c0732ded58c367633e8677bf88786eb786b85c97420fda150fecb68db74dc00f77064c3ea77d00f53904413c9ea3a93ba

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\revil_kasaya.exe
"C:\Users\Admin\AppData\Local\Temp\revil_kasaya.exe"
1⤵
PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2012-59-0x00000000765F1000-0x00000000765F3000-memory.dmp

Filesize
8KB

Download

© 2018-2024

Terms | Privacy