General

  • Target

    90d9f1dc59573ec613670d1031ecb7745e9291ee67a277e2ac42c757be82e6d4.exe

  • Size

    707KB

  • MD5

    ae986ecac3a3ea13683277cce9b2a498

  • SHA1

    3f368662dbb6aa22d61cbccb7bd214f228c70e80

  • SHA256

    90d9f1dc59573ec613670d1031ecb7745e9291ee67a277e2ac42c757be82e6d4

  • SHA512

    50670ade9e048471b2015ca1f93f4f3eb1cd73d373cad155f7248e3f1976456414c4e19cf4e1848cce7f463ca2f43e3e3c99443cf6c6584328fe20235c199f4d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1T8ovnh:6uaTmkZJ+naie5OTamgEoKxLWqWh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 90d9f1dc59573ec613670d1031ecb7745e9291ee67a277e2ac42c757be82e6d4.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

