Behavioral task
behavioral1
Sample
a571af444e69e542754e107eb133c878a0cbea7e279c29e4961971051c8e9623.bin.sample.dll
Resource
win7v20210408
Behavioral task
behavioral2
Sample
a571af444e69e542754e107eb133c878a0cbea7e279c29e4961971051c8e9623.bin.sample.dll
Resource
win10v20210410
General
Target: a571af444e69e542754e107eb133c878a0cbea7e279c29e4961971051c8e9623.bin.sample
Size: 8.1MB
MD5: 8baef83d86ced764e9c8d115b4f33742
SHA1: 68c728055155e8fbf18620e233ca6cba1f1614d2
SHA256: a571af444e69e542754e107eb133c878a0cbea7e279c29e4961971051c8e9623
SHA512: d4e50da2d91546a0ac11a7bac2782b0ea31d0ca3b3b12930f21e42447f5b5e7f4eea125a525597da7b481fcf9b75ff5ad10578b90b0805ce0e5f6dbd86134378
Malware Config
Signatures
Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource: sample, yara_rule: family_sunburst
GandCrab Payload 1 IoCs
Processes:
resource: sample, yara_rule: family_gandcrab
Gandcrab family
Sunburst family
XMRig Miner Payload 1 IoCs
Processes:
resource: sample, yara_rule: xmrig
Xmrig family
Files
a571af444e69e542754e107eb133c878a0cbea7e279c29e4961971051c8e9623.bin.sample.dll windows x86