General

  • Target

    7f57dbc0e79b257f22d5f1ed01788daa00d429c8357a85ade56d83f6277e0163.exe

  • Size

    707KB

  • MD5

    b02e2999e895e3a43a86f96e293a2095

  • SHA1

    a1e25ad3420f3c6833adc402d84236150b541698

  • SHA256

    7f57dbc0e79b257f22d5f1ed01788daa00d429c8357a85ade56d83f6277e0163

  • SHA512

    137762d0d32c9aa1b89d341ebc6e322e7298ff42ac823f545012587aca66521da3a53ef68a56277b9e3140c0c3de97254c22b14fc189015fa23f9b10d42ab4c4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V89vnh:6uaTmkZJ+naie5OTamgEoKxLWAJh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7f57dbc0e79b257f22d5f1ed01788daa00d429c8357a85ade56d83f6277e0163.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

