General
-
Target
408d55f5079c3c771c5e5dd310332cb9ac85cfec02fa9469538d4fb83e51efac
-
Size
5.0MB
-
Sample
220708-tqepgshecj
-
MD5
0e3e5e700886a192d323c1012c6c1b2b
-
SHA1
f7f6317e536229c740c82428c1f9bbe0ef557586
-
SHA256
408d55f5079c3c771c5e5dd310332cb9ac85cfec02fa9469538d4fb83e51efac
-
SHA512
89b9ee348fe70ce34a74e67365c63c8c4f4bd029e1f3738add65f1e5edb0b9ca4c5ddda56b17c744ce155a046a6653e44184a5fdbf23f2c131e0651d7b8d650f
Static task
static1
Behavioral task
behavioral1
Sample
408d55f5079c3c771c5e5dd310332cb9ac85cfec02fa9469538d4fb83e51efac.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
408d55f5079c3c771c5e5dd310332cb9ac85cfec02fa9469538d4fb83e51efac.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
408d55f5079c3c771c5e5dd310332cb9ac85cfec02fa9469538d4fb83e51efac
-
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (2511) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1278) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Drops file in System32 directory
-