General
-
Target
287e5812b0c53fe94fc90a3f31b97fbee3d7b9f8fa5b7f38bd59c3d8014ef006
-
Size
729KB
-
Sample
220615-vzearacca6
-
MD5
5fcd0a130e461d18edf2e5bdb69c8ffe
-
SHA1
2becd1c33e15a7282abccf574a2c4ae1957bf9e3
-
SHA256
287e5812b0c53fe94fc90a3f31b97fbee3d7b9f8fa5b7f38bd59c3d8014ef006
-
SHA512
3be636a3505c37c137ea0dc2f5610d872ab1dd3769b95eb3fe1694b0475c8b8b2cfefe244b490fa51f27ff38cf1d596439cbac70081df89822f4a2b823f86e30
Static task
static1
Behavioral task
behavioral1
Sample
mssecsvc.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
mssecsvc.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
mssecsvc.exe
-
Size
3.6MB
-
MD5
e8089341ee0442a2ecf82e4b70829143
-
SHA1
cec9a0b3c2914b49bf0b5dbbd3b1907cb8a6b578
-
SHA256
55bc52ead4c668b4dad978bebd80821a68eccd36b3927072a5d113cd5d79a27a
-
SHA512
738f731a3e118245c092a99e6822bb6e3f2294bcf4ec28ff4bbf43a98a0567d8d8d7b9ffff1bb5f7a9162335427c2e682a5ad48c9f9413818cd3baf81c6f0862
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3320) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1277) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-