General
-
Target
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f
-
Size
2.2MB
-
Sample
220625-2n6n7ahae6
-
MD5
2f28fe47a262ab5dd12dded7d5926a93
-
SHA1
f0e53cec9a92bac70667e30cc3b43cfe3899c03f
-
SHA256
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f
-
SHA512
301ca1adaac5c5e168b01047204cac8315ff425036d7a19c3bd33c87e92a731645b55c22ef16b2c90af1f4ea4cb02c3a3cd05dcf2a6debe9498ab2c57aa89019
Static task
static1
Behavioral task
behavioral1
Sample
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f
-
Size
2.2MB
-
MD5
2f28fe47a262ab5dd12dded7d5926a93
-
SHA1
f0e53cec9a92bac70667e30cc3b43cfe3899c03f
-
SHA256
379d7d15f7031bc529fb5dd06cfb4db861036231705a340f3a7ee89cc88ef02f
-
SHA512
301ca1adaac5c5e168b01047204cac8315ff425036d7a19c3bd33c87e92a731645b55c22ef16b2c90af1f4ea4cb02c3a3cd05dcf2a6debe9498ab2c57aa89019
Score10/10-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (2979) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-