General

  • Target

    89af015f231b8cd7f63df51d00d67e2c4580d45cb03b3bcbd0ff453ffd670272.exe

  • Size

    707KB

  • MD5

    8b5ea58a20efe417ffe2cc95f48ffa0c

  • SHA1

    706dc7d0734144589496549295b23701f27e1cd5

  • SHA256

    89af015f231b8cd7f63df51d00d67e2c4580d45cb03b3bcbd0ff453ffd670272

  • SHA512

    190721f0e82e301aafcf5dd13eb06764cd84ce607503374b5cf36e5ddf2c15263ff251d8399b8de862d375f2c6f0be2207757e712015918c93992e1ed538d1bf

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1g8gvnh:6uaTmkZJ+naie5OTamgEoKxLWD+h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 89af015f231b8cd7f63df51d00d67e2c4580d45cb03b3bcbd0ff453ffd670272.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

