General

  • Target

    bf27e9fc44f6e43080f919d94b1f89675432b0acd1669c7a60d3243040f48b6b.exe

  • Size

    707KB

  • MD5

    81219b971d78fa20e7c8351f721e32df

  • SHA1

    07dcf08017d78429d050ebf651301ef9efc1a8b1

  • SHA256

    bf27e9fc44f6e43080f919d94b1f89675432b0acd1669c7a60d3243040f48b6b

  • SHA512

    14154d16d7bfdd0b61897495335eb3d44c0aae06b3050e6359340a31d514bbb0a0c48ecfb0c72cb315fcd086bbbe2daf86dbdae70c423ab13917177533eeb883

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1U8Tvnh:6uaTmkZJ+naie5OTamgEoKxLWPTh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bf27e9fc44f6e43080f919d94b1f89675432b0acd1669c7a60d3243040f48b6b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

