General

  • Target

    3c12a8799c6b391ab262567d38b34409b4dd4d12d2ce85db3052ea4a0b2c4090.exe

  • Size

    707KB

  • MD5

    5ca9a69a40a967e03e6e84da4e52a86f

  • SHA1

    da58f939ad36346f38dd7c5cb1cffa47760c65ea

  • SHA256

    3c12a8799c6b391ab262567d38b34409b4dd4d12d2ce85db3052ea4a0b2c4090

  • SHA512

    0544df4ab2781272e1cf0edce9e1f833bff8e0bad80dee6448bafb92a77b258ade8db1cb434ab961c2fe391f981dc4f0d8b07f8061a1c889adb5d66c1d56713d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1X8ivnh:6uaTmkZJ+naie5OTamgEoKxLW+sh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3c12a8799c6b391ab262567d38b34409b4dd4d12d2ce85db3052ea4a0b2c4090.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

