General

  • Target

    92f2b7c987c1f86808373be952f08c3aee15db0ef5716a7127a20f6e3f957867.exe

  • Size

    707KB

  • MD5

    4aa2fc4a84a80a58cfa4797c4791069b

  • SHA1

    06dac9ef2c7546b2b5a717df22812dd0e6bf0fee

  • SHA256

    92f2b7c987c1f86808373be952f08c3aee15db0ef5716a7127a20f6e3f957867

  • SHA512

    78e30a83a4c321e8c033f5fb5bc3cc3840d9db8e51054e8468d65b283a9cfb4517ec78793bc2dd45b83a41d5cf33ab0670bfae1a00d25dea4c6a93a3c0be4794

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1W8Uvnh:6uaTmkZJ+naie5OTamgEoKxLWtqh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 92f2b7c987c1f86808373be952f08c3aee15db0ef5716a7127a20f6e3f957867.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

