General

  • Target

    832d53ebb0756b8a6c116038eb94e9297a0018971bbd8c50b1508bf924a7be25.exe

  • Size

    707KB

  • MD5

    2bc1616e324b0c712cb2e25e0e3ce8a5

  • SHA1

    2aef04595cfc5cb7a719277592506b703aa5829a

  • SHA256

    832d53ebb0756b8a6c116038eb94e9297a0018971bbd8c50b1508bf924a7be25

  • SHA512

    666004edb40898fa0c5c04e250bc14fee80272138268bc945dae5b3111c42a64c55d31f6de9c9f91da15c0631f02f6e6bd031a7a4c10553fd63d3c4f0dce5737

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza198Vvnh:6uaTmkZJ+naie5OTamgEoKxLWARh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 832d53ebb0756b8a6c116038eb94e9297a0018971bbd8c50b1508bf924a7be25.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

