General

  • Target

    3b229f97f52d15309888a1faa6ee35080aeda8b914838452d50be24086ac7987.exe

  • Size

    707KB

  • MD5

    3f04a5e74b5f4c76142d3365c356bc8a

  • SHA1

    764c8045baab67dc96b45b0e35a3d17f3b569e2e

  • SHA256

    3b229f97f52d15309888a1faa6ee35080aeda8b914838452d50be24086ac7987

  • SHA512

    363f40031c895228a1aed9f29426f0aea0dfc81bb39a50757a9434c962ff264071f2f034e099b9c1b2a06f691a900ae52f047909f93feba0356dae1c018b96ed

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1v8fvnh:6uaTmkZJ+naie5OTamgEoKxLWe3h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3b229f97f52d15309888a1faa6ee35080aeda8b914838452d50be24086ac7987.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

