General

  • Target

    20c7201a35146ecd401c04869a95e3876a450b359d1b9fe4107ce10f2cdfc250.exe

  • Size

    707KB

  • MD5

    1d75dabf0e01bbe089d2d16e1410925d

  • SHA1

    a3a89c07d5a3af6ad437dca2eeb187e8f379c082

  • SHA256

    20c7201a35146ecd401c04869a95e3876a450b359d1b9fe4107ce10f2cdfc250

  • SHA512

    24c5d01751292fa3f8869388e17c8a2cfb0d91fbe0060753c34e2f4c460ddc1647b09e53c23d851806732ed607da649a7152b789e4e1fd66780e602db7991ae2

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1F8nvnh:6uaTmkZJ+naie5OTamgEoKxLWovh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 20c7201a35146ecd401c04869a95e3876a450b359d1b9fe4107ce10f2cdfc250.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

