General
-
Target
3523eaea635d4f782c31bddf9faa325b926c7cd6248ba5472c3742c8d136d99c
-
Size
5.0MB
-
Sample
220619-xda3babch7
-
MD5
450f9c7181311b782c0308b98f0aeb49
-
SHA1
346f9b7b2f91d3d16759d0de5345e54e467d77cf
-
SHA256
3523eaea635d4f782c31bddf9faa325b926c7cd6248ba5472c3742c8d136d99c
-
SHA512
4de16f91d36ab4be5df34e5b4cd0331c964e1faa82e1a5f25f69b33a7eb10973f0ffa692b63527fc4d412086354f712a5d64038ef4a94957e76d29270b236a69
Static task
static1
Behavioral task
behavioral1
Sample
3523eaea635d4f782c31bddf9faa325b926c7cd6248ba5472c3742c8d136d99c.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3523eaea635d4f782c31bddf9faa325b926c7cd6248ba5472c3742c8d136d99c.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
3523eaea635d4f782c31bddf9faa325b926c7cd6248ba5472c3742c8d136d99c
-
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3246) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1261) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-