Behavioral task
behavioral1
Sample
0528d945f86be2aae330340548b4acd3f9c0e48a6a2d998c43cd055714c0df78.bin.sample.dll
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
0528d945f86be2aae330340548b4acd3f9c0e48a6a2d998c43cd055714c0df78.bin.sample.dll
Resource
win10-en-20211014
General
-
Target
0528d945f86be2aae330340548b4acd3f9c0e48a6a2d998c43cd055714c0df78.bin.sample
-
Size
8.4MB
-
MD5
2046a3fdc751f79334628ba49e5c5eb6
-
SHA1
864a55bddcab6cdf14aeb69419250ca8c90bc453
-
SHA256
0528d945f86be2aae330340548b4acd3f9c0e48a6a2d998c43cd055714c0df78
-
SHA512
d560acb71b05047a7ab1b03050d508f7d867e53a1d409bb2cd9c6dd05315c846ed3a31c9ee47cc10a0bb26454466033f2c9b5908b8073a66e4945a7d4a9c84b4
Malware Config
Signatures
-
Detected SUNBURST backdoor 1 IoCs
SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.
Processes:
resource yara_rule sample family_sunburst -
GandCrab Payload 1 IoCs
Processes:
resource yara_rule sample family_gandcrab -
Gandcrab family
-
Sunburst family
-
XMRig Miner Payload 1 IoCs
Processes:
resource yara_rule sample xmrig -
Xmrig family
Files
-
0528d945f86be2aae330340548b4acd3f9c0e48a6a2d998c43cd055714c0df78.bin.sample.dll windows x86