General

  • Target

    7f397d35afff3b4966dc273352d2a21d17bf9880809929ae351d68704c6763c3.exe

  • Size

    707KB

  • MD5

    584cdfd6fe3ea939b23360e593ec6fa7

  • SHA1

    bc8bb85d443804ecb5f1be77061fa8ea25c9c8b3

  • SHA256

    7f397d35afff3b4966dc273352d2a21d17bf9880809929ae351d68704c6763c3

  • SHA512

    984feb0ea4885f41585aeb760c7cc4f919810eba1700c4e379e9dd447c6ef4fbe8e26460a3b6a4a9ebfec19cad80f176edf386cabbbbaedcc5390b403a0570c6

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1W8cvnh:6uaTmkZJ+naie5OTamgEoKxLWlCh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7f397d35afff3b4966dc273352d2a21d17bf9880809929ae351d68704c6763c3.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

