sodinokibi | 2024-12-27_e177fceea6f0917ec11ca304c7cbe1db_revil_sodinokibi

Sharing

Copy URL

Twitter E-mail

General

Target

2024-12-27_e177fceea6f0917ec11ca304c7cbe1db_revil_sodinokibi
Size

70KB
MD5

e177fceea6f0917ec11ca304c7cbe1db
SHA1

b10b0bcb0bf35e75c90bb8ea75613c69b8faa4bd
SHA256

c19f33c1e5b7b3d92aac80741b29af4f90d1085d03bef52af96df9c0a4719ee5
SHA512

3d3ca5430100e905ca588c0b60c3dca05100efacb0a3ba1d9ccab4578bca5740083ef4265c1499e71ab2fa71f7a97a5d89b135c864e2ecb84f46ad9eb4e0feea
SSDEEP

1536:SJS+qT+OcTwuGTMKEbii4L/khMICS4Av5GbQ+5:YPYVEb5nBGQ+5

Score

10^/10

sodinokibi

Malware Config

Signatures

Sodinokibi family
sodinokibi

Sodinokibi/Revil sample 1 IoCs

resource	yara_rule
sample	family_sodinokobi

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-12-27_e177fceea6f0917ec11ca304c7cbe1db_revil_sodinokibi

Files

2024-12-27_e177fceea6f0917ec11ca304c7cbe1db_revil_sodinokibi
.exe windows:5 windows x86 arch:x86

b9fbfd5ee5998f0b78b98abff421ebd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbstok
_wtof_l

msvcr100

_i64toa

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.extrel
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.textOey
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

dawh`=
Size: 512B - Virtual size: 128B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

`PJgpf
Size: 512B - Virtual size: 32B

.l1
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tsP27U
Size: 512B - Virtual size: 32B

.textOey
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.l1
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b9fbfd5ee5998f0b78b98abff421ebd4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msvcr100

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 3KB - Virtual size: 3KB

.cfg Size: 512B - Virtual size: 109B

.rsrc Size: 2KB - Virtual size: 1KB

.extrel Size: 2KB - Virtual size: 1KB

.textOey Size: 512B - Virtual size: 6B

dawh`= Size: 512B - Virtual size: 128B

`PJgpf Size: 512B - Virtual size: 32B

.l1 Size: 512B - Virtual size: 512B

tsP27U Size: 512B - Virtual size: 32B

.textOey Size: 512B - Virtual size: 6B

.l1 Size: 512B - Virtual size: 512B

.l1 Size: 512B - Virtual size: 512B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 3KB - Virtual size: 3KB

.cfg
Size: 512B - Virtual size: 109B

.rsrc
Size: 2KB - Virtual size: 1KB

.extrel
Size: 2KB - Virtual size: 1KB

.textOey
Size: 512B - Virtual size: 6B

dawh`=
Size: 512B - Virtual size: 128B

`PJgpf
Size: 512B - Virtual size: 32B

.l1
Size: 512B - Virtual size: 512B

tsP27U
Size: 512B - Virtual size: 32B

.textOey
Size: 512B - Virtual size: 6B

.l1
Size: 512B - Virtual size: 512B

.l1
Size: 512B - Virtual size: 512B