General

  • Target

    3591bb32ed758f6c43ef31edd268fee6c6aeb227bb326b9edf6e0bd46acb7625.exe

  • Size

    707KB

  • MD5

    29bd2b6baacf971bb645902702b94f62

  • SHA1

    7e429a275f6debef8b1b98507656f3129e6e7615

  • SHA256

    3591bb32ed758f6c43ef31edd268fee6c6aeb227bb326b9edf6e0bd46acb7625

  • SHA512

    be06a645f958980b6ef2ba882b561a57c2a139b143d35b70272e5f99138ef56afc855571e39263a38e553eb43983ca949ee18d7e878ebb154db2d51bed57a630

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1b8Ovnh:6uaTmkZJ+naie5OTamgEoKxLWCQh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3591bb32ed758f6c43ef31edd268fee6c6aeb227bb326b9edf6e0bd46acb7625.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

