General

  • Target

    237897cde6b3767a15ea5c9474892ff9d627a70c56c2c2ffd2058ad20934844c.exe

  • Size

    707KB

  • MD5

    7b7d7b6a9fde945a53451548363360c4

  • SHA1

    c6ccd6a3f77823555d30d6ea795aefe77a13cb96

  • SHA256

    237897cde6b3767a15ea5c9474892ff9d627a70c56c2c2ffd2058ad20934844c

  • SHA512

    ef373131b37c3ace68856565f4c62b8d357c23434745a5e52cd9d9c4cd770305ec17388d6b62427db1426bcf609ad54cd8cf4fe383ca7dffc524a72973f8d874

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1uz8rvnh:6uaTmkZJ+naie5OTamgEoKxLWkY7h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 237897cde6b3767a15ea5c9474892ff9d627a70c56c2c2ffd2058ad20934844c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

