General

  • Target

    65e3939881a69279f5688711d5f404bb1ed880d788ce64b8e5098cd871fc7bdb.exe

  • Size

    707KB

  • MD5

    dbd96f8868c3be5f4600a04038b070aa

  • SHA1

    3e4c40a85b35865abf5289f370be78024278b401

  • SHA256

    65e3939881a69279f5688711d5f404bb1ed880d788ce64b8e5098cd871fc7bdb

  • SHA512

    51282d926c50a2b6dab8e347e9af8e670760f1b7140487acbe780aa28eea16fcc4b91ef28744bf53c9a0be9ddcbf8c64b9d5cc3b4dddbfec1f158c727b933efd

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1a8Vvnh:6uaTmkZJ+naie5OTamgEoKxLWhRh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 65e3939881a69279f5688711d5f404bb1ed880d788ce64b8e5098cd871fc7bdb.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

