General

  • Target

    0982b0763b184d06a6fac7c9fc77821b9c7e8b8c597fe2ad6e4a84c621bcd0c8.exe

  • Size

    707KB

  • MD5

    7e8672c91abc3b6cf22d879914ceb838

  • SHA1

    3a6ba3aee83a41c15b9120dca80c9098ffa2d70d

  • SHA256

    0982b0763b184d06a6fac7c9fc77821b9c7e8b8c597fe2ad6e4a84c621bcd0c8

  • SHA512

    f3a51a52d68268f41482477ae5dd637b8f5cfe34d0e16b78c946a386776a58c6b162ece60ec6cc907b56bbaa09bf67a712d5261a6d4b808a7e2b2e8683f85cd1

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1c8Kvnh:6uaTmkZJ+naie5OTamgEoKxLWvEh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key/value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0982b0763b184d06a6fac7c9fc77821b9c7e8b8c597fe2ad6e4a84c621bcd0c8.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

