Overview

overview

10

Static

static

10

dd425db362...22.dll

windows7-x64

3

dd425db362...22.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8600033046.zip

  • Size

    4.5MB

  • MD5

    7432c5959b79eee9ebc00fc57c8ac42c

  • SHA1

    5df2e126a5c03c77f3e1e95a091ff7df58534183

  • SHA256

    339f438bd8a7892d35ad80d63e305ef2f2418e217b3c2e21fb1b895b2d14c736

  • SHA512

    3955d606560ea126b8c6594b989eff41d4799a22811cfb12611631a44ceca580ed2adddce643b6f6fcf6b56370cd24bf6be83d826d168658caafa65a5d4d4279

  • SSDEEP

    98304:RuMD932Ev+Z+a8fnohFt2XsUQMc7/YbTwQmEKFSVc6r/GA+2t:wMD9D2kkhFA8JMI/tQfKFSVsD2t

Score
10/10
minerbackdooramadeygandcrabxmrigmountlockersunburst

Malware Config

Signatures

  • Amadey family
    amadey
  • Detect Amadey credential stealer module 1 IoCs
  • Detected Mount Locker ransomware 1 IoCs
  • Detected SUNBURST backdoor 1 IoCs

    SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.

    backdoor
  • GandCrab payload 1 IoCs
  • Gandcrab family
    gandcrab
  • Mountlocker family
    mountlocker
  • Sunburst family
    sunburst
  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig

Files

  • 8600033046.zip
    .zip

    Password: infected

  • dd425db3620333dcc59dde469e14ac5974037505cbaeabecb36e7573c260ff22
    .dll windows x86


    Headers

    Sections