General

  • Target

    9b9d658dbbc535551a6c6a7f98f61620a2c8e5734a968485b0a79c77561832ec.exe

  • Size

    707KB

  • MD5

    7160fe12e15a30c49f83630a83734b44

  • SHA1

    5f86e9af91d7f41c9caab7ced94576d12f493029

  • SHA256

    9b9d658dbbc535551a6c6a7f98f61620a2c8e5734a968485b0a79c77561832ec

  • SHA512

    b1c30192a16152138b87a2b5bb10946702845f9017e97a86988e54ca64bbb047a097ff59babec46f046d71863b8ae7fb62d54487963724b397ae1a18fed5b648

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V81vnh:6uaTmkZJ+naie5OTamgEoKxLWAxh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9b9d658dbbc535551a6c6a7f98f61620a2c8e5734a968485b0a79c77561832ec.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

