General
-
Target
46bb61b2ce95915c363845b5e3e9d76fc320e3dff3e05c60b581917678a3f4df
-
Size
5.0MB
-
Sample
220707-jqz1bahgg5
-
MD5
621bfac4cd27269134254c88cf1c7013
-
SHA1
4aba70305bf2f5cfefc9de70fff6ea98b25b1b29
-
SHA256
46bb61b2ce95915c363845b5e3e9d76fc320e3dff3e05c60b581917678a3f4df
-
SHA512
c7cafd9a7bf33ce974590134d3bdb2a67cad7bfc864307495e87606e7fd08f3abe2019c0e65ddcdf45f65ce46971dfb0c9ac696c09fa3f344c7900ef6fdb2002
Static task
static1
Behavioral task
behavioral1
Sample
46bb61b2ce95915c363845b5e3e9d76fc320e3dff3e05c60b581917678a3f4df.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
46bb61b2ce95915c363845b5e3e9d76fc320e3dff3e05c60b581917678a3f4df.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
46bb61b2ce95915c363845b5e3e9d76fc320e3dff3e05c60b581917678a3f4df
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3159) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1237) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory