General
-
Target
5c7ccee392be19a1410dd69479bb9aaa
-
Size
5.0MB
-
Sample
220720-back3sadem
-
MD5
5c7ccee392be19a1410dd69479bb9aaa
-
SHA1
b35778532b222a35147c77a7a4497a236793815b
-
SHA256
f72611c5668e9ea1177f96b11318d74b446eaba038723226d0b9d02173f00086
-
SHA512
63d2670b01294ba10e9047f8de06a3c0a8ce04eaae8738577214164b5cb625a45fdec41a2750f088c3c05da38673473678b6ae5d71002d60a943344bb30810cc
Static task
static1
Behavioral task
behavioral1
Sample
5c7ccee392be19a1410dd69479bb9aaa.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
5c7ccee392be19a1410dd69479bb9aaa.dll
Resource
win10v2004-20220718-en
Malware Config
Targets
-
-
Target
5c7ccee392be19a1410dd69479bb9aaa
-
Size
5.0MB
-
MD5
5c7ccee392be19a1410dd69479bb9aaa
-
SHA1
b35778532b222a35147c77a7a4497a236793815b
-
SHA256
f72611c5668e9ea1177f96b11318d74b446eaba038723226d0b9d02173f00086
-
SHA512
63d2670b01294ba10e9047f8de06a3c0a8ce04eaae8738577214164b5cb625a45fdec41a2750f088c3c05da38673473678b6ae5d71002d60a943344bb30810cc
Score10/10-
Contacts a large (3092) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1266) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-