General
-
Target
50e4e4a7bc3167441392789c32897736154d552795c9a8bad0d91558eaaf0f7e
-
Size
5.0MB
-
Sample
220718-x5l9nafehn
-
MD5
ef308fb6f974a766ab59bb68b1864aa1
-
SHA1
9a79e44bd36f3405c319255c7a17e3c4ad98fa99
-
SHA256
50e4e4a7bc3167441392789c32897736154d552795c9a8bad0d91558eaaf0f7e
-
SHA512
75bc2d6ad9dcd4070f0133f560a4c5ad1bf2050bc70430c71ae7c163f5fa9a42441aebfde143c2aec024752b0e509ce326957f8ba09d9de7336bd49c8b4932dd
Static task
static1
Behavioral task
behavioral1
Sample
50e4e4a7bc3167441392789c32897736154d552795c9a8bad0d91558eaaf0f7e.dll
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
50e4e4a7bc3167441392789c32897736154d552795c9a8bad0d91558eaaf0f7e.dll
Resource
win10v2004-20220718-en
Malware Config
Targets
-
-
Target
50e4e4a7bc3167441392789c32897736154d552795c9a8bad0d91558eaaf0f7e
-
Score
10/10
-
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (1303) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Drops file in System32 directory
-