General

  • Target

    852c8113950410d860fe32f18b5ec69a01c6c0caece77dbbd18b28ddb8a4b97c.exe

  • Size

    707KB

  • MD5

    f519c906bbd3a4c31c42d41c72a829fa

  • SHA1

    4f2ded7ff969b6f2f131f1f07a646dc1f62515b8

  • SHA256

    852c8113950410d860fe32f18b5ec69a01c6c0caece77dbbd18b28ddb8a4b97c

  • SHA512

    628df6db0c057648b31932168a97508b1c01c13ad73a7f6dbe5760512e023b31f6a2dd114d629cdb36e3912904fc56c102c1fb0d65888ae2d3f37e145e2e62c9

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1h8Svnh:6uaTmkZJ+naie5OTamgEoKxLW08h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 852c8113950410d860fe32f18b5ec69a01c6c0caece77dbbd18b28ddb8a4b97c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

