sodinokibi | fec9fa6763e4871bdacca2da2c35e1fff9a8b9e77a7af7c78e56d6393f07172b

Sharing

Copy URL

Twitter E-mail

General

Target

fec9fa6763e4871bdacca2da2c35e1fff9a8b9e77a7af7c78e56d6393f07172b
Size

122KB
MD5

e78634fce6c1b6849d56baddbdd90ff0
SHA1

c945c84c2ebb9f1857f378a2cb55f6c2327c5a40
SHA256

fec9fa6763e4871bdacca2da2c35e1fff9a8b9e77a7af7c78e56d6393f07172b
SHA512

d2b861bca323f343360e9edb0139c443b2410a6fbad65179ab0d32477eb001b31bf9dcf75072870da2e9555c119dae42de09e32632cf01e60ca8227344c570a6
SSDEEP

1536:ltGWLP+A/+YLRzdN2pSCV/kHICS4AEttcCpGu0:ml4zdN6diInN

Score

10^/10

sodinokibi

Malware Config

Signatures

Sodinokibi family
sodinokibi
Sodinokibi/Revil sample 1 IoCs

Processes:

resource yara_rule

sample family_sodinokobi

resource	yara_rule
sample	family_sodinokobi

Files

fec9fa6763e4871bdacca2da2c35e1fff9a8b9e77a7af7c78e56d6393f07172b
.exe windows x86

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdx7q
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.didatjo
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

b3L0mk
Size: 512B - Virtual size: 64B

FeJYgc
Size: 512B - Virtual size: 128B

:W[hUB
Size: 512B - Virtual size: 32B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RP1Y3<
Size: 512B - Virtual size: 64B

.didatjo
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

W5R_8q
Size: 512B - Virtual size: 128B

Sharing

General

Malware Config

Signatures

Files

Code Sign

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 3KB - Virtual size: 3KB

.xdx7q Size: 50KB - Virtual size: 50KB

.rsrc Size: 2KB - Virtual size: 1KB

CODE Size: 2KB - Virtual size: 1KB

.l1 Size: 2KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 6B

.didatjo Size: 512B - Virtual size: 6B

b3L0mk Size: 512B - Virtual size: 64B

FeJYgc Size: 512B - Virtual size: 128B

:W[hUB Size: 512B - Virtual size: 32B

RP1Y3< Size: 512B - Virtual size: 64B

.didatjo Size: 512B - Virtual size: 6B

W5R_8q Size: 512B - Virtual size: 128B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 3KB - Virtual size: 3KB

.xdx7q
Size: 50KB - Virtual size: 50KB

.rsrc
Size: 2KB - Virtual size: 1KB

CODE
Size: 2KB - Virtual size: 1KB

.l1
Size: 2KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 6B

.didatjo
Size: 512B - Virtual size: 6B

b3L0mk
Size: 512B - Virtual size: 64B

FeJYgc
Size: 512B - Virtual size: 128B

:W[hUB
Size: 512B - Virtual size: 32B

RP1Y3<
Size: 512B - Virtual size: 64B

.didatjo
Size: 512B - Virtual size: 6B

W5R_8q
Size: 512B - Virtual size: 128B