General

  • Target

    7beec4b503912f615baf6958c9019ae0dc2d240b9e34653e7fab57b39abee11f.exe

  • Size

    707KB

  • MD5

    00d0818d90dc8d109a07570161bb4184

  • SHA1

    3fd68651bba56a8a778f7e31a6f11e7108c73ffc

  • SHA256

    7beec4b503912f615baf6958c9019ae0dc2d240b9e34653e7fab57b39abee11f

  • SHA512

    926383f4d9cd17663caa2542ebb602a44a1078ebf8dbe06a5903a41b68d09b2f3f0db19ef1692a42246a1049f79072faf356ee0cbd489e2c10d2f6572840ea5b

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza108/vnh:6uaTmkZJ+naie5OTamgEoKxLW3Xh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7beec4b503912f615baf6958c9019ae0dc2d240b9e34653e7fab57b39abee11f.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

