General

  • Target

    22f5e7d3f123566096456f89387afcd217420b0438d9100333acd80ecff4b1bd.exe

  • Size

    707KB

  • MD5

    36e8e6c7f53f034b8c3667450a4fc9ce

  • SHA1

    52db7eed0df006a7679640453bc0734dc2afca96

  • SHA256

    22f5e7d3f123566096456f89387afcd217420b0438d9100333acd80ecff4b1bd

  • SHA512

    31d5d824cf5e329fc40181d0732c627ca018288eaf2e36bb367ab1755e0731cc55a5711bcd5aa82050eac6fa5dd0c9a0cb9da05439f32b9adcf1792f8573fd4a

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1x82vnh:6uaTmkZJ+naie5OTamgEoKxLWcIh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 22f5e7d3f123566096456f89387afcd217420b0438d9100333acd80ecff4b1bd.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

