General

  • Target

    96dd3e256e8ca89d3668b3edfa0d1d9d9441c35697a3d1855b71bcc157240b75.exe

  • Size

    707KB

  • MD5

    9f40e815a2c44785dc6e35de55f0ff83

  • SHA1

    fc89a01cd680b33bc41e965ffe62912fc454e03d

  • SHA256

    96dd3e256e8ca89d3668b3edfa0d1d9d9441c35697a3d1855b71bcc157240b75

  • SHA512

    21e66afc820bcbdc3c05123acddcc7f66242f3b7d596aef1b47a09bfb6fccb9f84c8696e917446ba742761dc6a7a01e75544de05b42c37f33cbc9173c5f43870

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1k8nvnh:6uaTmkZJ+naie5OTamgEoKxLWHvh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 96dd3e256e8ca89d3668b3edfa0d1d9d9441c35697a3d1855b71bcc157240b75.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

