Behavioral task: behavioral1
Sample: e44443912307f69f276ad248e42b0d982e1f45101250818817fad4d0ab66dd5a.bin.sample.dll
Resource: win7v20210410
Behavioral task: behavioral2
Sample: e44443912307f69f276ad248e42b0d982e1f45101250818817fad4d0ab66dd5a.bin.sample.dll
Resource: win10v20210410
General
Target: e44443912307f69f276ad248e42b0d982e1f45101250818817fad4d0ab66dd5a.bin.sample
Size: 8.2MB
MD5: 28ac1727f7d0ff4e3faaadffb9e78433
SHA1: c52427998ff35a96cdc51a68ccd11d6e021f8477
SHA256: e44443912307f69f276ad248e42b0d982e1f45101250818817fad4d0ab66dd5a
SHA512: c49be86132f908ddadf420f4e2010174dbd09a4e2cff145e98f01b09eb91710c445cfa443fd1876df8a91c932e52cf0bf96a2817b34cd3108b3eef8f615a42bb
Malware Config
Signatures
Detected SUNBURST backdoor (1 IoC)
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes: resource = sample; yara_rule = family_sunburst
GandCrab Payload (1 IoC)
Processes: resource = sample; yara_rule = family_gandcrab
Gandcrab family
Sunburst family
XMRig Miner Payload (1 IoC)
Processes: resource = sample; yara_rule = xmrig
Xmrig family
Files
e44443912307f69f276ad248e42b0d982e1f45101250818817fad4d0ab66dd5a.bin.sample.dll windows x86