Overview

overview

10

Static

static

10

revil_sodinokibi.dll

windows7_x64

6

revil_sodinokibi.dll

windows10_x64

10

revil_sodinokibi.dll

windows10-2004_x64

6

revil_sodinokibi.dll

windows11_x64

revil_sodinokibi.dll

linux_armhf

revil_sodinokibi.dll

linux_mips

revil_sodinokibi.dll

linux_mipsel

revil_sodinokibi.dll

linux_amd64

Resubmissions

16-02-2022 11:03

220216-m52dgabfb6 10

15-02-2022 20:20

220215-y4w8xabagk 10

Analysis

  • max time kernel
    0s
  • platform
    linux_armhf
  • resource
    debian9-armhf-en-20211208
  • submitted
    15-02-2022 20:20

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: exit status 1: 2021/12/08 17:55:18 insmod stahp.ko pid=357 receiver=10.127.0.1:33789 eternalize_pid=357 2021/12/08 17:55:28 Payload error: fork/exec ./rundll32.exe: no such file or directory
Report Analysis Logs

General

  • Target

    revil_sodinokibi.dll

  • Size

    164KB

  • MD5

    6e3efb83299d800edf1624ecbc0665e7

  • SHA1

    0bd22f204c5373f1a22d9a02c59f69f354a2cc0d

  • SHA256

    2ca64feaaf5ab6cf96677fbc2bc0e1995b3bc93472d7af884139aa757240e3f6

  • SHA512

    dd1675bb15eb8ea2933b25413271117823ad7ff38280e7f552b5201e3a5bef8607a2112df2e24f598449ebfdb570ff9458aba0314ed8819dd4d774ea855e9ad2

Score
1/10

Malware Config

Signatures

Processes

  • ./rundll32.exe
    ./rundll32.exe "%PAYLOAD%,#1"
    1⤵
      PID:363

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads