Behavioral task
behavioral1
Sample
35823106288275adb9d1bd4bc25f08d8c1b8803540b8d8b2040b8098a1450ace.bin.sample.dll
Resource
win7v20210410
Behavioral task
behavioral2
Sample
35823106288275adb9d1bd4bc25f08d8c1b8803540b8d8b2040b8098a1450ace.bin.sample.dll
Resource
win10v20210410
General
-
Target
35823106288275adb9d1bd4bc25f08d8c1b8803540b8d8b2040b8098a1450ace.bin.sample
-
Size
8.1MB
-
MD5
d312c332180ca2fbc961dbe7557690de
-
SHA1
115a5a6c3b8e40d3abca0e99dd355141ef7a35ba
-
SHA256
35823106288275adb9d1bd4bc25f08d8c1b8803540b8d8b2040b8098a1450ace
-
SHA512
29dfa09bd920638bb0eeb977dc80f6e975c1192d984b41a13ce1c297685d8881a7c2958ff3884612ca72a4c5fc1457093b7724d27414ad905f008c77f17eb4ab
Malware Config
Signatures
-
Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource yara_rule sample family_sunburst -
GandCrab Payload 1 IoCs
Processes:
resource yara_rule sample family_gandcrab -
Gandcrab family
-
Sunburst family
-
XMRig Miner Payload 1 IoCs
Processes:
resource yara_rule sample xmrig -
Xmrig family
Files
-
35823106288275adb9d1bd4bc25f08d8c1b8803540b8d8b2040b8098a1450ace.bin.sample.dll windows x86