Source: vy3mvlAaCZ.exe, type: SAMPLE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: vy3mvlAaCZ.exe, type: SAMPLE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: vy3mvlAaCZ.exe, type: SAMPLE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: vy3mvlAaCZ.exe, type: SAMPLE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: vy3mvlAaCZ.exe, type: SAMPLE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.2.vy3mvlAaCZ.exe.944250.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.2.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.2.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.2.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.930000.4.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.930000.4.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.2.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.2.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.930000.4.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.930000.4.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.930000.4.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.930000.0.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.raw.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.raw.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.3.raw.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.raw.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.raw.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.raw.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.944250.5.raw.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |
Source: 0.0.vy3mvlAaCZ.exe.930000.2.unpack, type: UNPACKEDPE |
Matched rule: ReflectiveLoader author = Florian Roth, description = Detects a unspecified hack tool, crack or malware using a reflective loader - no hard match - further investigation recommended, nodeepdive = , score = 2017-07-17, reference = Internal Research, modified = 2021-03-15 |
Source: 0.0.vy3mvlAaCZ.exe.930000.2.unpack, type: UNPACKEDPE |
Matched rule: SUSP_RANSOMWARE_Indicator_Jul20 date = 2020-07-28, hash3 = 6cb9afff8166976bd62bb29b12ed617784d6e74b110afcf8955477573594f306, hash2 = 5e78475d10418c6938723f6cfefb89d5e9de61e45ecf374bb435c1c99dd4a473, author = Florian Roth, description = Detects ransomware indicator, score = 52888b5f881f4941ae7a8f4d84de27fc502413861f96ee58ee560c09c11880d6, reference = https://securelist.com/lazarus-on-the-hunt-for-big-game/97757/ |
Source: 0.0.vy3mvlAaCZ.exe.930000.2.unpack, type: UNPACKEDPE |
Matched rule: INDICATOR_SUSPICIOUS_ReflectiveLoader author = ditekSHen, description = detects Reflective DLL injection artifacts |
Source: 0.0.vy3mvlAaCZ.exe.930000.2.unpack, type: UNPACKEDPE |
Matched rule: Gandcrab author = kevoreilly, description = Gandcrab Payload, cape_type = Gandcrab Payload |
Source: 0.0.vy3mvlAaCZ.exe.930000.2.unpack, type: UNPACKEDPE |
Matched rule: Win32_Ransomware_GandCrab tc_detection_name = GandCrab, tc_detection_factor = , author = ReversingLabs, tc_detection_type = Ransomware |