Behavioral task: behavioral1
Sample: f864922f947a6bb7d894245b53795b54b9378c0f7633c521240488e86f60c2c5.elf
Resource: win10v2004-20230220-en
windows10-2004-x64
12 signatures
1800 seconds
General
Target: f864922f947a6bb7d894245b53795b54b9378c0f7633c521240488e86f60c2c5.zip
Size: 32KB
MD5: 7daacedd3b1dc74479d91452d822f224
SHA1: b8e966d3856986f328aaf35bad62b85b44f24427
SHA256: 34d333651e50392dc88a7ee939232a7c62d479a7665b57280a6552be2b633f0c
SHA512: 767c2d2bbc72b7981feb2ab14009d6e8b162edf3e095da556e0dc9fd37aca55d0de0f5a5a95310212197d5a949e99360ed2f9df3bc3a92b1970577f7e81913be
SSDEEP: 768:DC1gSLUr7p2j6LGw3PnbyLr8rIwKCNIrMadp4U:2NLU3Mj6Sw3v23AZqrj4U
Score: 10/10
Malware Config
Signatures
Sodinokibi family
Sodinokibi/Revil Elf 1 IoCs
Processes:
resource yara_rule static1/unpack001/f864922f947a6bb7d894245b53795b54b9378c0f7633c521240488e86f60c2c5.elf family_sodinokobi_elf
Files
f864922f947a6bb7d894245b53795b54b9378c0f7633c521240488e86f60c2c5.zip.zip
Password: infected
f864922f947a6bb7d894245b53795b54b9378c0f7633c521240488e86f60c2c5.elf.elf linux x64