General

  • Target

    85b3f1e20f7d3b6b41658d4252322ba25058810f865dd065c7036893703021f9.exe

  • Size

    707KB

  • MD5

    e29fbb1291132e8c77fed76666355e9d

  • SHA1

    48b3e9f3428c2c9cd70df528b6bd93b27a18c72f

  • SHA256

    85b3f1e20f7d3b6b41658d4252322ba25058810f865dd065c7036893703021f9

  • SHA512

    1e5ed3c1a19a38570bf761bf94680a39daaffc03cfe205bc52ff2146a94d13e9e3251f206cf2d8346d75cb93eeda6de719a9e9be41698402ab4a00798b44d10d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1n8ivnh:6uaTmkZJ+naie5OTamgEoKxLWush

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 85b3f1e20f7d3b6b41658d4252322ba25058810f865dd065c7036893703021f9.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

