General

  • Target

    3f935ddcc4b3f094324cb2245adbb1113a1a7e73f8f8b1eb85f222c956c60021.exe

  • Size

    707KB

  • MD5

    f165bda4e9983f2c01b8707047bc08f1

  • SHA1

    71bb063106b9e43a2bd5a89761b1be6eb6508c6a

  • SHA256

    3f935ddcc4b3f094324cb2245adbb1113a1a7e73f8f8b1eb85f222c956c60021

  • SHA512

    ddf4ac8d9bf3777934f0c836636fd0f3c3571f94b4851040278d549de691dae1bee841a3e02e08c5765b68b42279f443427ae95d77afafcb093ef995ee525f80

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza15W8Tvnh:6uaTmkZJ+naie5OTamgEoKxLW3Th

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3f935ddcc4b3f094324cb2245adbb1113a1a7e73f8f8b1eb85f222c956c60021.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

