General

  • Target

    76fab1fb6fafe786432c7a0cee1234990f83401b5740f01260cc46cb1d0b8312.exe

  • Size

    707KB

  • MD5

    5bdf3bde67a8d784a4a0c46948a48412

  • SHA1

    d780db828d32666d84e99713f90378d49efa2779

  • SHA256

    76fab1fb6fafe786432c7a0cee1234990f83401b5740f01260cc46cb1d0b8312

  • SHA512

    82162dbae15c1773b74eb0e479515a32c8a50bdc4374387d86b1727480082c4ffc0f2c6e470ba991005e5542a65bf39337fb908f2659665d5e2fe73618894dd0

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza188Nvnh:6uaTmkZJ+naie5OTamgEoKxLWv5h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 76fab1fb6fafe786432c7a0cee1234990f83401b5740f01260cc46cb1d0b8312.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

