Behavioral task behavioral1
Sample: 738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.exe
Resource: win7v20210408 (windows7_x64)
Signatures: 0
Run time: 0 seconds

Behavioral task behavioral2
Sample: 738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.exe
Resource: win10-en (windows10_x64)
Signatures: 0
Run time: 0 seconds
General
Target: 738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.zip
Size: 2.6MB
MD5: 9481497727f6789bd8cf69039cf6b0da
SHA1: 3f906df6a71905ace3508317ada6213303000516
SHA256: cbd17c6f980e5ab7412ef8e35766fe9ade433d714b3064a5b4a1aa054ca663f9
SHA512: f11d7aaa114cce8dd18ddca5b4ecf397ffdc67ad5ed57a73db4036a8bda5a1c5e7ab04dceeec4de6f0b8cd2b1f51dda85447771b00aaff306af3be808505a161

The digests above describe the submitted .zip target, not the unpacked .exe; compare them against the archive you downloaded, not against the extracted executable.
Malware Config

Signatures

Ardamax Main Executable (1 IoC)
  resource: static1/unpack001/738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9
  yara_rule: family_ardamax
Ardamax family

GandCrab Payload (1 IoC)
  resource: static1/unpack001/738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9
  yara_rule: family_gandcrab
Gandcrab family

Mimikatz family
mimikatz is an open source tool to dump credentials on Windows (1 IoC)
  resource: static1/unpack001/738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9
  yara_rule: mimikatz

Note: all three hits are static YARA matches on the same unpacked resource, and both behavioral tasks recorded 0 signatures in 0 seconds of run time, so nothing on this page reflects observed runtime behaviour. One resource matching rules for three unrelated families (a keylogger, a ransomware payload and a credential-dumping tool) deserves a manual look: it may be a bundle carrying several tools, or one or more of the rules may be firing on shared code. The empty dynamic result is not evidence that the sample is benign.
Files
738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.zip.zip (password: infected)
738e50879d1ef6f9c4a1f4d0fcd1fe1df2dbed732dbbf66609d5e297e819e8f9.exe (windows x64)
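Before working with a sample from a page like this, confirm that the bytes you hold are the bytes the report describes. The script below is an added example, not the sandbox's own code: it copies the four digests from the General section, streams a downloaded file through all four hashes at once, compares them, and hashes the members of the password-protected archive in memory (password "infected", as the Files section states) without writing the malware to disk. The function names, the command-line layout and the test fixture are this example's own assumptions; it uses only the Python standard library, whose zipfile module decrypts legacy ZipCrypto archives but not AES-encrypted ones.

```python
"""Check a downloaded sample against the digests a sandbox report lists.

Added example for this page, not the sandbox's code. REPORT_DIGESTS is copied
from the General section and describes the .zip target. Helper names and the
CLI layout are this example's own choices.
"""
import hashlib
import sys
import zipfile
from typing import Dict, Optional

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Copied from the report's General section (digests of the .zip, not the .exe).
REPORT_DIGESTS = {
    "md5": "9481497727f6789bd8cf69039cf6b0da",
    "sha1": "3f906df6a71905ace3508317ada6213303000516",
    "sha256": "cbd17c6f980e5ab7412ef8e35766fe9ade433d714b3064a5b4a1aa054ca663f9",
    "sha512": "f11d7aaa114cce8dd18ddca5b4ecf397ffdc67ad5ed57a73db4036a8bda5a1c5e7ab04dceeec4de6f0b8cd2b1f51dda85447771b00aaff306af3be808505a161",
}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Hex digests of an in-memory blob for every algorithm in ALGORITHMS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file once through all four hashes (no full read into memory)."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_digests(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match map, case-insensitive. One mismatch means you do not
    hold the bytes the report describes, so its findings do not transfer."""
    return {name: actual[name].lower() == value.lower()
            for name, value in expected.items() if name in actual}


def sha256_hint_from_name(filename: str) -> Optional[str]:
    """Sandboxes often name a sample by its SHA256. Return the 64-hex stem when
    the name has that shape, else None. A hint to verify, not ground truth."""
    stem = filename.replace("\\", "/").rsplit("/", 1)[-1].split(".", 1)[0].lower()
    if len(stem) == 64 and all(c in "0123456789abcdef" for c in stem):
        return stem
    return None


def digest_archive_members(src, password: bytes = b"infected") -> Dict[str, Dict[str, str]]:
    """Hash each archive member in memory, never extracting the sample to disk.
    src may be a path or a file-like object. zipfile handles legacy ZipCrypto
    only; an AES-encrypted archive raises NotImplementedError."""
    out: Dict[str, Dict[str, str]] = {}
    with zipfile.ZipFile(src) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # pwd is ignored by zipfile for members that are not encrypted.
            with zf.open(info, pwd=password) as member:
                out[info.filename] = digest_bytes(member.read())
    return out


def verify_sample(path: str) -> bool:
    """True only if every digest of the file at path matches REPORT_DIGESTS."""
    return all(compare_digests(digest_file(path), REPORT_DIGESTS).values())


if __name__ == "__main__":
    target = sys.argv[1]
    for name, ok in compare_digests(digest_file(target), REPORT_DIGESTS).items():
        print(f"{name:6s} {'match' if ok else 'MISMATCH'}")
    if zipfile.is_zipfile(target):
        for member, digests in digest_archive_members(target).items():
            hint = sha256_hint_from_name(member)
            flag = ""
            if hint is not None:
                flag = " (name matches content)" if hint == digests["sha256"] else " (name does NOT match content)"
            print(f"{member}: sha256={digests['sha256']}{flag}")
```

Run it as `python verify_sample.py <downloaded.zip>`: every line must read `match` before the report's static findings can be attributed to the file you have, and the member listing tells you whether the 64-hex filename of the inner .exe actually equals that file's SHA256 rather than assuming the naming convention.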