General
-
Target
da0a16786d38a70224dfd5655319be64
-
Size
5.0MB
-
Sample
220720-amrp4ahfh3
-
MD5
da0a16786d38a70224dfd5655319be64
-
SHA1
05cadcd056afc937ea596411920d532ad0493d8b
-
SHA256
028308e75e1c0a5a5caa401d2b6cd82c6bf083c22db5c93f855b6ac7706daa90
-
SHA512
e41ff2c3baf3233d26a65eb5806917866a7cb950ab8dcaf1fdb295abd854382b41d050f609103117867623d1c47ebd81a0db9320439d08a6cb5ae8d48569b582
Static task
static1
Behavioral task
behavioral1
Sample
da0a16786d38a70224dfd5655319be64.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
da0a16786d38a70224dfd5655319be64.dll
Resource
win10v2004-20220718-en
Malware Config
Targets
-
-
Target
da0a16786d38a70224dfd5655319be64
-
Size
5.0MB
-
MD5
da0a16786d38a70224dfd5655319be64
-
SHA1
05cadcd056afc937ea596411920d532ad0493d8b
-
SHA256
028308e75e1c0a5a5caa401d2b6cd82c6bf083c22db5c93f855b6ac7706daa90
-
SHA512
e41ff2c3baf3233d26a65eb5806917866a7cb950ab8dcaf1fdb295abd854382b41d050f609103117867623d1c47ebd81a0db9320439d08a6cb5ae8d48569b582
Score10/10-
Contacts a large (3064) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1283) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-