General

  • Target

    031584053a9f333d8910a0726977ea55094aba8fe5331d7c4bf607fd63e44e74.exe

  • Size

    707KB

  • MD5

    bdfd2fa5d35ed07d860a3e5e7bc6a69c

  • SHA1

    bc4d91842be6e3464e46652e17a4ad00384de1d0

  • SHA256

    031584053a9f333d8910a0726977ea55094aba8fe5331d7c4bf607fd63e44e74

  • SHA512

    9187604b0229f636d6f0694f8b168601a64b879439b9569783d189cd98f8647b8ef0371ee2fb0261eb0415b8f7f5d3f043f6f822a7323ff51f8752dad9c50c23

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1q8Xvnh:6uaTmkZJ+naie5OTamgEoKxLWJ/h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 031584053a9f333d8910a0726977ea55094aba8fe5331d7c4bf607fd63e44e74.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

