General

  • Target

    9024d88d6d13ae39fabf8f26af11d206177bd7a6b27bdaa25173b9ef71148c94.exe

  • Size

    707KB

  • MD5

    392457a6460ff6bedd9f2e983ae298fe

  • SHA1

    f9bd5c484ef0a01e826963a3c9f1aeec5d7635cf

  • SHA256

    9024d88d6d13ae39fabf8f26af11d206177bd7a6b27bdaa25173b9ef71148c94

  • SHA512

    b2f96b2c67677df4a7a37e925f24347f80e69cbebdcbe3d4895db4273bddf8b35f29f80260c12b8bd525b332b58eb4ef8e50c7046dbd83cb443c80a67780d424

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1s80vnh:6uaTmkZJ+naie5OTamgEoKxLW/Kh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9024d88d6d13ae39fabf8f26af11d206177bd7a6b27bdaa25173b9ef71148c94.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

