Analysis Overview
SHA256
fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c
Threat Level: Known bad
The file fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c was found to be: Known bad.
Malicious Activity Summary
Sodinokibi family
Sodinokibi/Revil sample
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-01-30 07:38
Signatures
Sodinokibi family
Sodinokibi/Revil sample
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2022-01-30 07:38
Reported
2022-01-30 13:04
Platform
win7-en-20211208
Max time kernel
119s
Max time network
124s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c.exe
"C:\Users\Admin\AppData\Local\Temp\fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c.exe"
Network
Files
memory/1704-54-0x0000000076001000-0x0000000076003000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2022-01-30 07:38
Reported
2022-01-30 13:04
Platform
win10-en-20211208
Max time kernel
120s
Max time network
140s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c.exe
"C:\Users\Admin\AppData\Local\Temp\fd8c3de462fa78098647dc72a73198e3bcef183d24cc5928343a0498c293667c.exe"