General
-
Target
4a82d196da45ff09474f521af44f731343e426829e90415c7c65f57c7ecfdba2
-
Size
5.0MB
-
Sample
220712-p9e25seac9
-
MD5
3193ed2ff9928faf1ce5979ff9445359
-
SHA1
cb133ba5940c887b6f326f548c9c35ff30b4598d
-
SHA256
4a82d196da45ff09474f521af44f731343e426829e90415c7c65f57c7ecfdba2
-
SHA512
c67f4e5349c8d85deeb219bfd93a75609f23cbd117417f6cc02435a348d8b8c057d043d3d2ceb8cce5742f2a6beeab419d4a03a4194a78059fbaa8599e7da487
Static task
static1
Behavioral task
behavioral1
Sample
4a82d196da45ff09474f521af44f731343e426829e90415c7c65f57c7ecfdba2.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
4a82d196da45ff09474f521af44f731343e426829e90415c7c65f57c7ecfdba2.dll
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
4a82d196da45ff09474f521af44f731343e426829e90415c7c65f57c7ecfdba2
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (3152) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1173) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-