General

  • Target

    793692db37fce4189aa8ea1e617b209868fcc72fd3950989600508e7a70c5c5e.exe

  • Size

    707KB

  • MD5

    d55b9c8a330a78d94eea4846ee9502dc

  • SHA1

    b0c6a1932ee553395b9a0784c964c6d20c0f782c

  • SHA256

    793692db37fce4189aa8ea1e617b209868fcc72fd3950989600508e7a70c5c5e

  • SHA512

    60e991da39a362efbd81239521637a40ae12490312e4091b317931ff5619770f3434fdae89b613fa9920f51177487f02d6a2086b2e2257cf996ca25c3aefec7e

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1C8fvnh:6uaTmkZJ+naie5OTamgEoKxLWh3h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 793692db37fce4189aa8ea1e617b209868fcc72fd3950989600508e7a70c5c5e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

