General

  • Target

    8d2071db5741f56e1b1e9038a0bf3c48d221e619d4749911c67d82d4e03bbef1.exe

  • Size

    707KB

  • MD5

    4d24abb085afee783acf004526f311c6

  • SHA1

    f0e2e1f48dba3f755fed701e57af206c0add171f

  • SHA256

    8d2071db5741f56e1b1e9038a0bf3c48d221e619d4749911c67d82d4e03bbef1

  • SHA512

    7047e89ec0f94e7238a801af94551151c4f2fb1f1b6d92c52ab76ea2b59c84ae24e2e69c48115f4870b5842cb5b9197f2ed8dd2f8fd2b3eca946127f58e4f733

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1k8bvnh:6uaTmkZJ+naie5OTamgEoKxLWvLh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8d2071db5741f56e1b1e9038a0bf3c48d221e619d4749911c67d82d4e03bbef1.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

