General

  • Target

    1904d312894867e7f1cdd053ae53e42d32e5e36039bd4c314bb974028f8cec95.exe

  • Size

    707KB

  • MD5

    243762c1df3d5a67a9b88c20aa1510de

  • SHA1

    8d3a0995746e36ba5edd33e9557f657c12ea7c0e

  • SHA256

    1904d312894867e7f1cdd053ae53e42d32e5e36039bd4c314bb974028f8cec95

  • SHA512

    de79addd4d45d8ad736bb678371443191413f4bf8216a9cdb275b07287d5b150a6e0976946c727d29d62660ffcc820ab79a0731942c9a862b68b93bf2a40fead

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1080vnh:6uaTmkZJ+naie5OTamgEoKxLW3Kh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1904d312894867e7f1cdd053ae53e42d32e5e36039bd4c314bb974028f8cec95.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

