General
Target: 48c6ca7644be11df7661994f1fb90dbe0a5f537a4d425edcc5dc12fdd956d281
Size: 5.0MB
Sample: 220714-ccb8rsbee7
MD5: 1ced543091b9dc5fd59237f675d6dd90
SHA1: d464770ef157cef154d181573c81bd3cba357127
SHA256: 48c6ca7644be11df7661994f1fb90dbe0a5f537a4d425edcc5dc12fdd956d281
SHA512: cc279ee918c59f0f12ab51b2a88ac2ee801be6adbacce368bc84b6b6dba781c0c0fa6d389a2cc420503ead178efb1336c2bcb40052049664a1c8486d807029d2
Static task: static1
Behavioral task: behavioral1
Sample: 48c6ca7644be11df7661994f1fb90dbe0a5f537a4d425edcc5dc12fdd956d281.dll
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 48c6ca7644be11df7661994f1fb90dbe0a5f537a4d425edcc5dc12fdd956d281.dll
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 48c6ca7644be11df7661994f1fb90dbe0a5f537a4d425edcc5dc12fdd956d281
Score: 10/10
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
Contacts a large (1300) amount of remote hosts
This may indicate a network scan to discover remotely running services.
Executes dropped EXE
Drops file in System32 directory