General

  • Target

    990304d62bacd7bc4714ed1cf04bd1cf66c2040c14604d863097675b5d6a273f.exe

  • Size

    707KB

  • MD5

    00ead50bef36e6e56f5f9e0022608e1a

  • SHA1

    1fa93a521d888a46136519442412a31f2709e18e

  • SHA256

    990304d62bacd7bc4714ed1cf04bd1cf66c2040c14604d863097675b5d6a273f

  • SHA512

    a8280949db2407931d5897a6841f7d9f0cee736f8406642a531585e8e690ea5a32b2c58025ac9c0c38d8d1110e4557cdf88df23dc54b254eae91e78e1c67fd1c

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V8rvnh:6uaTmkZJ+naie5OTamgEoKxLW47h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 990304d62bacd7bc4714ed1cf04bd1cf66c2040c14604d863097675b5d6a273f.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

