General

  • Target

    2d7d8f235522e1bcc8456e893ebb5a7acd1d9295d35144847c30c4d033f8f10e.exe

  • Size

    707KB

  • MD5

    4b3e8f5db2e935ec63a9ed07085bb211

  • SHA1

    7548d6264bd625cf3ed3727dbd60718f36f31a90

  • SHA256

    2d7d8f235522e1bcc8456e893ebb5a7acd1d9295d35144847c30c4d033f8f10e

  • SHA512

    e5fcff7436186e7309777307af3ed02b457d9b4b7ee33fec34973a656cdef90ed9a149e0009ff660c380a3fe0fb61848c88cd08c67cad6bae460ca6bbe77dbec

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1385vnh:6uaTmkZJ+naie5OTamgEoKxLWe9h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2d7d8f235522e1bcc8456e893ebb5a7acd1d9295d35144847c30c4d033f8f10e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

