Behavioral task: behavioral1
Sample: e446b4ca910c3ff3b3add0fb35b3120385d880f7cf02ca21ba872e1d57eb39dd.bin.sample.dll
Resource: win7v20210408
Behavioral task: behavioral2
Sample: e446b4ca910c3ff3b3add0fb35b3120385d880f7cf02ca21ba872e1d57eb39dd.bin.sample.dll
Resource: win10v20210410
General
Target: e446b4ca910c3ff3b3add0fb35b3120385d880f7cf02ca21ba872e1d57eb39dd.bin.sample
Size: 8.3MB
MD5: cf903aa75574ea4b1be9c96a027203d3
SHA1: b9c5441919d9a247aa7449b354bb8c100665d23e
SHA256: e446b4ca910c3ff3b3add0fb35b3120385d880f7cf02ca21ba872e1d57eb39dd
SHA512: 152dbd473d2277a95ec79a3d57f047ec8026617efc0117ad82d20102ca6a45c8ebb1a237fb0b0c0a40d5dee10c5f240cf946de73cdd11a523138270bad891b1f
Malware Config
Signatures
Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource yara_rule sample family_sunburst
GandCrab Payload 1 IoCs
Processes:
resource yara_rule sample family_gandcrab
Gandcrab family
Sunburst family
XMRig Miner Payload 1 IoCs
Processes:
resource yara_rule sample xmrig
Xmrig family
Files
e446b4ca910c3ff3b3add0fb35b3120385d880f7cf02ca21ba872e1d57eb39dd.bin.sample.dll windows x86