Overview

overview

10

Static

static

10

469e06adc6...65.dll

windows7-x64

3

469e06adc6...65.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8627196347.zip

  • Size

    4.5MB

  • MD5

    8a5b99511113960d4c4b59b1fc592352

  • SHA1

    e3f38b068b957b17830049036e0018b7bafc036f

  • SHA256

    871ae5b567e478dd9a5f3601f24758d1315f38b659497a9bda3c701776fc8409

  • SHA512

    b62b9afa58139e46c8c1feec155122d3bc1dca6909c11b6d1012825352ce5ad7095c06f6f0511d1cd105d7d64fb414b3f7947801b91a4a06b295a10ec3926219

  • SSDEEP

    98304:EPkRs3h5oKAcTeBNwFTUhlWxXNwBuFkTtkCSTqh/jz5NSTdT+X4hnI:nUh5UFBUYhlMo+E5HSTZ+X42

Score
10/10
minerbackdooramadeygandcrabxmrigmountlockersunburst

Malware Config

Signatures

  • Amadey family
    amadey
  • Detect Amadey credential stealer module 1 IoCs
  • Detected Mount Locker ransomware 1 IoCs
  • Detected SUNBURST backdoor 1 IoCs

    SUNBURST is a backdoor for the SolarWinds Orion platform with extensive capabilities.

    backdoor
  • GandCrab payload 1 IoCs
  • Gandcrab family
    gandcrab
  • Mountlocker family
    mountlocker
  • Sunburst family
    sunburst
  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig

Files

  • 8627196347.zip
    .zip

    Password: infected

  • 469e06adc60ffd19490a9fe561ceff99cc5c8ce5b0ddb652a24acd03265c0c65
    .dll windows x86


    Headers

    Sections