General

  • Target

    33380d167fd8770940a565d025245c1dcf525f9f428ebb6efdd8902eec8358c9.exe

  • Size

    707KB

  • MD5

    2758c0613b2aafb3735fba4da8f63aaa

  • SHA1

    f49edcd17649f73d30815497cbc03157c253bc70

  • SHA256

    33380d167fd8770940a565d025245c1dcf525f9f428ebb6efdd8902eec8358c9

  • SHA512

    36b3551b341bad0e9bf539498f3087397d8dbe369b692bd30ffd2232b2fd902775638f393fe83b3c6f11e271707d31cbe7dcb97b253a91e3ba7d2bd24d12ba94

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1P8pvnh:6uaTmkZJ+naie5OTamgEoKxLWGNh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 33380d167fd8770940a565d025245c1dcf525f9f428ebb6efdd8902eec8358c9.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

