General
Target: 2e67865b954436c36f6233e1cd7337e643f4369639a7c8f7175721e884981884
Size: 5.0MB
Sample: 220622-kpxz1aegd4
MD5: 5d446ad3d84db7a2acad9b403129e072
SHA1: 38bb2766c0bf3f1a06ef60f4ec9d1cf35c878964
SHA256: 2e67865b954436c36f6233e1cd7337e643f4369639a7c8f7175721e884981884
SHA512: 3d376e294269ffdf5c18972512ca2e89d6735705318d51dd1d8d3ea12d0b301be052b979243cb1e9e546693d3f762083fcf58817a8b91b6555ffc97ff5758452
Static task: static1
Behavioral task: behavioral1
Sample: 2e67865b954436c36f6233e1cd7337e643f4369639a7c8f7175721e884981884.dll
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 2e67865b954436c36f6233e1cd7337e643f4369639a7c8f7175721e884981884.dll
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 2e67865b954436c36f6233e1cd7337e643f4369639a7c8f7175721e884981884
Score: 10/10
- suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
- suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
- Contacts a large (3225) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
- Executes dropped EXE
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
- Drops file in System32 directory