General

  • Target

    44f082ab271184f407e8dbdcc55d37a677dda635f212686a424dfa8d5e03a69d.exe

  • Size

    707KB

  • MD5

    bb38d0a721a818720f3e6344ea653465

  • SHA1

    bd619afa9a13d3842d6105bea62ea5e29c186fb2

  • SHA256

    44f082ab271184f407e8dbdcc55d37a677dda635f212686a424dfa8d5e03a69d

  • SHA512

    a2572c22272004e491794834ac3618789ebf0aa9eab60f6a8f2da3ea0ff51955515c311f22fc1b682e0e9a62c1d72dfdd6efc6728ff631474a13f07d347c99b9

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1B8Uvnh:6uaTmkZJ+naie5OTamgEoKxLW0qh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 44f082ab271184f407e8dbdcc55d37a677dda635f212686a424dfa8d5e03a69d.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

