General

  • Target

    bd8f93730a0e3aa51e4df6d7079ea12d3dd036f94bf0e8273093777adee1be12.exe

  • Size

    707KB

  • MD5

    12e00ff67af22b7c63796dc4cf7a6d8a

  • SHA1

    52b626569b5a11fb1abac731fde50d3292a524b9

  • SHA256

    bd8f93730a0e3aa51e4df6d7079ea12d3dd036f94bf0e8273093777adee1be12

  • SHA512

    ddb95ec89dd47932455574f373caa22ee1312a48d9fab676efe2c85c7ca88ffd4d4bb4dbeffac83406ec276f897d82378b1b03cd56c9710b157bb56eca725599

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1/8Mvnh:6uaTmkZJ+naie5OTamgEoKxLWOSh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • bd8f93730a0e3aa51e4df6d7079ea12d3dd036f94bf0e8273093777adee1be12.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

