General

  • Target

    c87c085df757b4f1962d5aeebf99345053bf5e6be5993c4984b11004de84757c.exe

  • Size

    707KB

  • MD5

    9eb2912a5baf771c779a270fd54f1e72

  • SHA1

    d477c0c72ac42fc4771f99eff925a6737f64ea13

  • SHA256

    c87c085df757b4f1962d5aeebf99345053bf5e6be5993c4984b11004de84757c

  • SHA512

    d4047053fcab32bb2a3599c3fcfb78a771e828126656db2dd0e9b4c44458f49235d8657ede53edcf0c76bbcb88b9c56ab1c59ac7bb7df07fe1bbcc5831296df2

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1j8Zvnh:6uaTmkZJ+naie5OTamgEoKxLWCdh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c87c085df757b4f1962d5aeebf99345053bf5e6be5993c4984b11004de84757c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

