General

  • Target

    05200fcc96b0fdd4370a784ea721d0b3d3131b0a37e743d480075f5345117136.exe

  • Size

    707KB

  • MD5

    cfdf33ca9ea6ea85165b16c729099984

  • SHA1

    dcfc3e01f0540faaa2047204069a4bb40b3c7ad6

  • SHA256

    05200fcc96b0fdd4370a784ea721d0b3d3131b0a37e743d480075f5345117136

  • SHA512

    41279ed9920a8989b263be9c28d7ec2880483352d6a014bfeb7868ab5881c01cb17db16e8870bcca9f6d23347b2588241fa06d1a2059b5758bb377cc07adfaf1

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza198Rvnh:6uaTmkZJ+naie5OTamgEoKxLW4Fh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 05200fcc96b0fdd4370a784ea721d0b3d3131b0a37e743d480075f5345117136.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

