General

  • Target

    9cd30722c8cf926b4d1142d0a378faecddc4c07e49b52eddba238b5dddcb1132.exe

  • Size

    707KB

  • MD5

    1a271dcb7e6bf14a406236fcf2ca2ec3

  • SHA1

    a05997d87bf5f4f398eb60489a70d3723a0e0731

  • SHA256

    9cd30722c8cf926b4d1142d0a378faecddc4c07e49b52eddba238b5dddcb1132

  • SHA512

    1e191b41bac7976dcbc5f34cd82ddb0bc2dea6fef55b377eb47ee7dec5c93d16df8a2237ce2c6a45e5918db270a07d9546f8233628b82c5ddf8a5ed966a76a5e

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1O8Xvnh:6uaTmkZJ+naie5OTamgEoKxLWF/h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9cd30722c8cf926b4d1142d0a378faecddc4c07e49b52eddba238b5dddcb1132.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

