General
Target: 74c9c570b7b1b383e0f5a266f0f7e17c1336f99e2df28e8be76f7d358c34d707
Size: 5.0MB
Sample: 220701-ghfwcsgcd5
MD5: da480470e229f27bb2632ade91b37300
SHA1: 7da6b9048707adf18c997bcaec32d6bebc5580fb
SHA256: 74c9c570b7b1b383e0f5a266f0f7e17c1336f99e2df28e8be76f7d358c34d707
SHA512: a39fba8d3b45345ed54dda14acecdbe815af7261eeabb7bd53ec321d31c0d1ad7a2d0e6e67c7596fbad9bc921c65f2635ec1dfb00805768124a2b17dd7c22d2d
Static task: static1
Behavioral task: behavioral1
Sample: 74c9c570b7b1b383e0f5a266f0f7e17c1336f99e2df28e8be76f7d358c34d707.dll
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 74c9c570b7b1b383e0f5a266f0f7e17c1336f99e2df28e8be76f7d358c34d707.dll
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 74c9c570b7b1b383e0f5a266f0f7e17c1336f99e2df28e8be76f7d358c34d707
Score: 10/10
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
Contacts a large (830) amount of remote hosts
This may indicate a network scan to discover remotely running services.
Executes dropped EXE
Drops file in System32 directory