General

  • Target

    78bc8df93ce8fdb90707d0a9b1fb442b760d4b2a0e102fd90c2306181d7bc565.exe

  • Size

    707KB

  • MD5

    ea14521e6ab88ee991b1eaaa33732c66

  • SHA1

    9441b55801cf5bd7a8abcbdf06935b5ea757ed43

  • SHA256

    78bc8df93ce8fdb90707d0a9b1fb442b760d4b2a0e102fd90c2306181d7bc565

  • SHA512

    3fe1c4dc94ab5c4a29d87a381dd12c3c7cb50f63baf47d2dced3677d9105eb8c281ef2df575025d3a585211b55a3e62ce3f131c1acc29a28f6bf5c138ba872cb

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza148Fvnh:6uaTmkZJ+naie5OTamgEoKxLWbhh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 78bc8df93ce8fdb90707d0a9b1fb442b760d4b2a0e102fd90c2306181d7bc565.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

