General

  • Target

    7d4f29346ec00b14101a0de3f0c22b88fe05a124e54b2f678ceff3d8897a69c0.exe

  • Size

    707KB

  • MD5

    d11ddde4617c0cc05ce8a950ec9560be

  • SHA1

    b0480f6b08c1d821d8c589ca41345a12b0b4db0d

  • SHA256

    7d4f29346ec00b14101a0de3f0c22b88fe05a124e54b2f678ceff3d8897a69c0

  • SHA512

    da5610b43d210ee5c108a13b8d60d6b95ff339888f03a1aeaad93eb60f513e68d6303b5654e18acecd6d6c3a9acca307bf3a8df40059cad7772e5aaf939369d2

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V88vnh:6uaTmkZJ+naie5OTamgEoKxLWYih

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7d4f29346ec00b14101a0de3f0c22b88fe05a124e54b2f678ceff3d8897a69c0.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

