General
-
Target
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a
-
Size
3.6MB
-
Sample
220615-vzcf6ahdcm
-
MD5
e8089341ee0442a2ecf82e4b70829143
-
SHA1
cec9a0b3c2914b49bf0b5dbbd3b1907cb8a6b578
-
SHA256
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a
-
SHA512
738f731a3e118245c092a99e6822bb6e3f2294bcf4ec28ff4bbf43a98a0567d8d8d7b9ffff1bb5f7a9162335427c2e682a5ad48c9f9413818cd3baf81c6f0862
Static task
static1
Behavioral task
behavioral1
Sample
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a
Score 10/10
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3208) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1302) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-