General
-
Target
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5
-
Size
5.0MB
-
Sample
220708-elxxyaafg6
-
MD5
ad46e85c3890145837f40e4f26720a87
-
SHA1
6e349a578fcbd339f54f718caf9371a887c5665f
-
SHA256
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5
-
SHA512
dc7146efa798f3b3194b30c49bfa82a47f09f4f961afacebdff6065c3fbd89c67f251aabf18da29b718c344a9b02727493353ea8347e0f4dd164315690dbbed4
Static task
static1
Behavioral task
behavioral1
Sample
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5
-
Size
5.0MB
-
MD5
ad46e85c3890145837f40e4f26720a87
-
SHA1
6e349a578fcbd339f54f718caf9371a887c5665f
-
SHA256
41f69f5fe88422ba11f593ce216cee84775c5c896defb9eab391fa06bcc24cf5
-
SHA512
dc7146efa798f3b3194b30c49bfa82a47f09f4f961afacebdff6065c3fbd89c67f251aabf18da29b718c344a9b02727493353ea8347e0f4dd164315690dbbed4
Score10/10-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3304) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1290) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-