General
-
Target
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e
-
Size
5.0MB
-
Sample
220616-d44b1achg6
-
MD5
118eedee15f92a246867fed1e15bfda1
-
SHA1
5ff90cf70d36d8be902e23bba87e9df6ccb3dad7
-
SHA256
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e
-
SHA512
7259fcad1c439c2b901203d1f35ed2569dfa6f0018b33c6710343cf731c0a7c09a6aa7a20b37fd57b393c536a3d399da37bc068a1a646f17350c68d959040c8b
Static task
static1
Behavioral task
behavioral1
Sample
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e
-
Size
5.0MB
-
MD5
118eedee15f92a246867fed1e15bfda1
-
SHA1
5ff90cf70d36d8be902e23bba87e9df6ccb3dad7
-
SHA256
27b656167ee5504bcd296075509bcbdb09b1aba52aec630ec84d23b0a2dbd90e
-
SHA512
7259fcad1c439c2b901203d1f35ed2569dfa6f0018b33c6710343cf731c0a7c09a6aa7a20b37fd57b393c536a3d399da37bc068a1a646f17350c68d959040c8b
Score10/10-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3168) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (950) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-