General

  • Target

    bdbbb0726e7cd9a0a2ca1147527537448a4eea2f997e5a1f2970f2840e24b54b.exe

  • Size

    707KB

  • MD5

    26b56076a09e569d4a5adb77af94482c

  • SHA1

    da01dcd44d12703c41f7ebc6b9978de315f093c2

  • SHA256

    bdbbb0726e7cd9a0a2ca1147527537448a4eea2f997e5a1f2970f2840e24b54b

  • SHA512

    a603962ae2d5caa933fa8e0afb3d2116a1309995e11141a8df044fb028de7e1c7a9503a61e839e09a40b81831af3317a13d0af383fbca0198cb51da881dc544f

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1K8evnh:6uaTmkZJ+naie5OTamgEoKxLW5Ah

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • bdbbb0726e7cd9a0a2ca1147527537448a4eea2f997e5a1f2970f2840e24b54b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

