General

  • Target

    085783717e84a50a58014f57f91380835258969040649ad0cb550f6c9db1a1a9.exe

  • Size

    707KB

  • MD5

    5df39a0d85f359d82d47c86f4c8b0720

  • SHA1

    ac769928925d227c3a61d3e94a26095b3dcbc260

  • SHA256

    085783717e84a50a58014f57f91380835258969040649ad0cb550f6c9db1a1a9

  • SHA512

    9f05ca98b4ffbc9b7092b90cd83eeb0e3543e711750582c2ae08fb69bc752d81e13d336c8f8a59feba87bba2c6b53d1849adc703e59d9be01c44c2c4c9e0de09

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1d8Dvnh:6uaTmkZJ+naie5OTamgEoKxLWYjh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 085783717e84a50a58014f57f91380835258969040649ad0cb550f6c9db1a1a9.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

