General

  • Target

    152828fc18dc09e0c057bd5f479a7fd4c7642f1cdf23e2e96d495e64760738f8.exe

  • Size

    707KB

  • MD5

    3608508364f8a354ade5637d43468e92

  • SHA1

    113e0430c50253a8076dfe23b86003645086176c

  • SHA256

    152828fc18dc09e0c057bd5f479a7fd4c7642f1cdf23e2e96d495e64760738f8

  • SHA512

    d2cf36568877038c7ebbfa4e09d94c9af2f095f30672e723d86bf624787732b755753c1441a4e1d80ea8a9ec1b6b637de5feed6e2d267faed1e6c8b9865a8808

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Z8ivnh:6uaTmkZJ+naie5OTamgEoKxLW8sh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 152828fc18dc09e0c057bd5f479a7fd4c7642f1cdf23e2e96d495e64760738f8.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

