General

  • Target

    12d5da7bd9d006373f8007f80e2ad0d3a684cad7bbf514602b42f2296054e08c.exe

  • Size

    707KB

  • MD5

    43e1e1034e576bb5cfb19e4d433fc09f

  • SHA1

    715f8357e8d1bda6da38917673f09c2e061d50dd

  • SHA256

    12d5da7bd9d006373f8007f80e2ad0d3a684cad7bbf514602b42f2296054e08c

  • SHA512

    dbfc6b4421daadd95ecef2627751afbf1cf96a7737c7d3290363bba516062a85dd502ca5c2769a44dab0b0e3dd542bff39f4be6c9862a45c5a0d4a846ad6eca4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Z8Vvnh:6uaTmkZJ+naie5OTamgEoKxLWcRh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 12d5da7bd9d006373f8007f80e2ad0d3a684cad7bbf514602b42f2296054e08c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

