General

  • Target

    747f9f49efa050eafc46728bab330726e8d936ab2d3da066d5b87f856897a576.exe

  • Size

    707KB

  • MD5

    fabdf34bf18dbf67e758da9682b207d3

  • SHA1

    c213f48e527c223a3227ebbc700c05a0dfc61ab2

  • SHA256

    747f9f49efa050eafc46728bab330726e8d936ab2d3da066d5b87f856897a576

  • SHA512

    15d94541355e2d9624eac5718b78179223bc4ccfde6de1ed3b5b8b5969f4cccb6c73eda4b035e967c8ef8d1f6432bf5b564f380d4a108338633d226d4a7ac6b5

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1E8Pvnh:6uaTmkZJ+naie5OTamgEoKxLWnHh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 747f9f49efa050eafc46728bab330726e8d936ab2d3da066d5b87f856897a576.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

