Behavioral task
behavioral1
Sample
7107416ed9530c314c5119f85e8aba7d9784064facbf3aaf76e707b9f50790eb.bin.sample.dll
Resource
win7v20210408
Behavioral task
behavioral2
Sample
7107416ed9530c314c5119f85e8aba7d9784064facbf3aaf76e707b9f50790eb.bin.sample.dll
Resource
win10v20210410
General
Target: 7107416ed9530c314c5119f85e8aba7d9784064facbf3aaf76e707b9f50790eb.bin.sample
Size: 8.4MB
MD5: a969ebba97c5a5b411a467faeee8a81c
SHA1: 5e4868a1d89beaf163972e1672ee4943bec268a4
SHA256: 7107416ed9530c314c5119f85e8aba7d9784064facbf3aaf76e707b9f50790eb
SHA512: efbf2856aeb7cf371f4bca0f50c86da751937de525ddea5183ca3a6d48a23fb78fe4b5bef0cf8eb3cf1cba8a3c1aef7498197c8457d814b27050a978220c24b1
Malware Config
Signatures
Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource: sample, yara_rule: family_sunburst
GandCrab Payload 1 IoCs
Processes:
resource: sample, yara_rule: family_gandcrab
Gandcrab family
Sunburst family
XMRig Miner Payload 1 IoCs
Processes:
resource: sample, yara_rule: xmrig
Xmrig family
Files
7107416ed9530c314c5119f85e8aba7d9784064facbf3aaf76e707b9f50790eb.bin.sample.dll windows x86