General

  • Target

    472da5f1fcb76a33720b7de0b4b2b5052cafdb628efb270f357a961a6292d0d5.exe

  • Size

    707KB

  • MD5

    da8a2017bb50f56a3f19dc5a06ed10cc

  • SHA1

    40986bc238cd4b2598b9caeedf18230310779d65

  • SHA256

    472da5f1fcb76a33720b7de0b4b2b5052cafdb628efb270f357a961a6292d0d5

  • SHA512

    119989688418c5d1791cd903066ef2fdce9781ff9b5ef07a7bfb86a17660a3af4b3e85ca94d0325587556ed4d921ce6ad804280f29731c7e67676366bc942d90

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Y8zvnh:6uaTmkZJ+naie5OTamgEoKxLWLzh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 472da5f1fcb76a33720b7de0b4b2b5052cafdb628efb270f357a961a6292d0d5.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

