General
-
Target
e23939851f5351b2ceff37634180930d7bd4037edfc0ad1caa0763f094c3e8c1
-
Size
5.0MB
-
Sample
220725-ewsqzaeeej
-
MD5
46273765ba551414751b787b45b9362d
-
SHA1
61f746ee0c72970ebb11d56019ae297750d7b649
-
SHA256
e23939851f5351b2ceff37634180930d7bd4037edfc0ad1caa0763f094c3e8c1
-
SHA512
e9d46361b429fa3aeb126f0492a715aa5f06ad580fb8b3464be1cb324664a7a41cffcb1aea25a976a4336eee0e15cfaa804e36d19d4213b6173c58e7d5036886
Static task
static1
Behavioral task
behavioral1
Sample
e23939851f5351b2ceff37634180930d7bd4037edfc0ad1caa0763f094c3e8c1.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
e23939851f5351b2ceff37634180930d7bd4037edfc0ad1caa0763f094c3e8c1.dll
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
e23939851f5351b2ceff37634180930d7bd4037edfc0ad1caa0763f094c3e8c1
Score 10/10
suricata: ET MALWARE Known Sinkhole Response Kryptos Logic
-
suricata: ET MALWARE W32/WannaCry.Ransomware Killswitch Domain HTTP Request 1
-
Contacts a large (2638) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Contacts a large (1280) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-