Static task
static1
Behavioral task
behavioral1
Sample
winrun.exe
Resource
win7-en
sodinokibi$2a$12$prox/4ekl8zrpgsc5lnhpecevs5nockouw5r3s4jjydnzzsghvbkq8254evasionransomwarevmprotect
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
winrun.exe
Resource
win10v20210408
sodinokibi$2a$12$prox/4ekl8zrpgsc5lnhpecevs5nockouw5r3s4jjydnzzsghvbkq8254evasionransomwarevmprotect
windows10_x64
0 signatures
0 seconds
General
-
Target
winrun.7z
-
Size
5.5MB
-
MD5
e8c990be97827a5566d8e1d2ef431660
-
SHA1
1f155524cf422d5f09928c1959547337dbe61ac3
-
SHA256
5579c3e8ed7e125f0d7e6c3a62769294d1ba309456d34806106c09e4c59083cf
-
SHA512
c75b3681d23decac0871e2ccd2c75a3204bd7ea9bcdff7f3ad9c56ab14fdfb8f73222e941f0a526bf7c1baae92ca6027be6cab8532bfa345757be5851dcddb4d
Score
8/10
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/winrun.exe vmprotect
Files
-
winrun.7z.7z
Password: __infected--
-
winrun.exe.exe windows x86