Behavioral task: behavioral1
Sample: 3509b02cb0a2babbddb6a8f51f998fc4175c709f2f8eea24125dd6d553caead3.bin.sample.dll
Resource: win7v20210410

Behavioral task: behavioral2
Sample: 3509b02cb0a2babbddb6a8f51f998fc4175c709f2f8eea24125dd6d553caead3.bin.sample.dll
Resource: win10v20210410

General
Target: 3509b02cb0a2babbddb6a8f51f998fc4175c709f2f8eea24125dd6d553caead3.bin.sample
Size: 8.1MB
MD5: fada1e4d584af359a688b0631d645f4a
SHA1: e95e15c225fb25d392282815165fb2dddc267435
SHA256: 3509b02cb0a2babbddb6a8f51f998fc4175c709f2f8eea24125dd6d553caead3
SHA512: 1e1015f04383b42520fabdc0f209ec81bcc210b013c89b982f8b61f40f2eb4aad0c804b7c03bad1dd273d7d121845637ab5a52960ae42a647e6aa364e398e06e

Malware Config
Signatures

Detected SUNBURST backdoor (1 IoCs)
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource: sample, yara_rule: family_sunburst

GandCrab Payload (1 IoCs)
Processes:
resource: sample, yara_rule: family_gandcrab

Gandcrab family

Sunburst family

XMRig Miner Payload (1 IoCs)
Processes:
resource: sample, yara_rule: xmrig

Xmrig family

Files
3509b02cb0a2babbddb6a8f51f998fc4175c709f2f8eea24125dd6d553caead3.bin.sample.dll windows x86