Behavioral task: behavioral1
Sample: 77068f0e1f215ff92cda33dcbcfa37bee083c0fd8243c074d68cb13932647f54.bin.sample.dll
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 77068f0e1f215ff92cda33dcbcfa37bee083c0fd8243c074d68cb13932647f54.bin.sample.dll
Resource: win10v20210410
General
Target: 77068f0e1f215ff92cda33dcbcfa37bee083c0fd8243c074d68cb13932647f54.bin.sample
Size: 8.2MB
MD5: 93b6be42206659294f67a83285328eaf
SHA1: 17ff1b25fd647c2b2a026ff8044784a7dc29da6b
SHA256: 77068f0e1f215ff92cda33dcbcfa37bee083c0fd8243c074d68cb13932647f54
SHA512: 1377ac279fb6a12cce9ca2d63caa16ae0f8c64ebc29fd38f28ee9f29ab076c07a5f34bcf2e44a0c753fbf82554d0bfc171b02a8e5eba0249657377ed85460aa4
Malware Config
Signatures
Detected SUNBURST backdoor (1 IoCs)
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource: sample, yara_rule: family_sunburst
GandCrab Payload (1 IoCs)
Processes:
resource: sample, yara_rule: family_gandcrab
Gandcrab family
Sunburst family
XMRig Miner Payload (1 IoCs)
Processes:
resource: sample, yara_rule: xmrig
Xmrig family
Files
77068f0e1f215ff92cda33dcbcfa37bee083c0fd8243c074d68cb13932647f54.bin.sample.dll (windows x86)