Malware Analysis Report

2025-01-18 19:07

Sample ID 220130-jgvn8sghgk
Target f3ec3e4b019c2a21e5716fbdeea359e9c9183851f24209237f40944e9c9d40d3
SHA256 f3ec3e4b019c2a21e5716fbdeea359e9c9183851f24209237f40944e9c9d40d3
Tags
29 1761 sodinokibi
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

f3ec3e4b019c2a21e5716fbdeea359e9c9183851f24209237f40944e9c9d40d3

Threat Level: Known bad

The file f3ec3e4b019c2a21e5716fbdeea359e9c9183851f24209237f40944e9c9d40d3 was found to be: Known bad.

Malicious Activity Summary

29 1761 sodinokibi

Sodinokibi family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-01-30 07:38

Signatures

Sodinokibi family

sodinokibi

Analysis: behavioral1

Detonation Overview

Submitted

2022-01-30 07:38

Reported

2022-01-30 13:01

Platform

win7-en-20211208

Max time kernel

3s

Max time network

7s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
US 18.210.126.40:20128 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-01-30 07:38

Reported

2022-01-30 13:01

Platform

win10-en-20211208

Max time kernel

4s

Max time network

2s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Files

N/A