General

  • Target

    2437e50df38c1fd8c5ecd55b766f0b17f1acc081afa5bb84340106c7f0230717.exe

  • Size

    707KB

  • MD5

    f02b553fa8855f44cf09ec28db018987

  • SHA1

    366be5c22bf6cda322665c49b7fe73e948e008ca

  • SHA256

    2437e50df38c1fd8c5ecd55b766f0b17f1acc081afa5bb84340106c7f0230717

  • SHA512

    f4e58f672d5558c15b35790ed4b951b3e73a8ee2da7c711f314fe2f5d61a9cc299ef80ba9ff372416bf0e00d5d34e05e2fb853d6a2553997f93e528b2c47dd66

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1T8Kvnh:6uaTmkZJ+naie5OTamgEoKxLWyEh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2437e50df38c1fd8c5ecd55b766f0b17f1acc081afa5bb84340106c7f0230717.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

