General

  • Target

    36af3cfb9f6523bc378af0084b9040b6b1a02f805172231a2141307bc881363d.exe

  • Size

    707KB

  • MD5

    46745ca3dc3b491f271c4c57e16ac7a7

  • SHA1

    b139a9a48c637a5fd075e8b4145af0be0b96a41f

  • SHA256

    36af3cfb9f6523bc378af0084b9040b6b1a02f805172231a2141307bc881363d

  • SHA512

    a89d74316c363bd41a0b718522a1d9eadf360e91266e7c8d7ec07b0cf855caa93b7c764ed74748218baf9f0e468e164ab70487901ba77e14fbc6954ccb71cea6

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V86vnh:6uaTmkZJ+naie5OTamgEoKxLWAUh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 36af3cfb9f6523bc378af0084b9040b6b1a02f805172231a2141307bc881363d.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

