General

  • Target

    7637b7b5a06c068046f5291c38183f65228c1fd64bd84d847dd57e353de963d4.exe

  • Size

    707KB

  • MD5

    39f96ec60ed502d66df96c2f11a325b3

  • SHA1

    75d768be7ed1381c9bce8431a3b0a2392383b232

  • SHA256

    7637b7b5a06c068046f5291c38183f65228c1fd64bd84d847dd57e353de963d4

  • SHA512

    ce180402fb2f8dcdb9c98765b380c066b31f7791a94612c0792d954954dae276ae43939a283ff77b218070330e14c4cd4c3ec0b5fb5113adfb0833780caba309

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1N84vnh:6uaTmkZJ+naie5OTamgEoKxLWoGh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7637b7b5a06c068046f5291c38183f65228c1fd64bd84d847dd57e353de963d4.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

