General

  • Target

    9f3d88a9a339463e9a257c789dda8c9c7d00039b3f38e6bd028b9fb06afefbcb.exe

  • Size

    707KB

  • MD5

    7b123b5055a1dc5dc8549ab7564d5c09

  • SHA1

    21d6222de58a10b12b20c5370741c089b0022d65

  • SHA256

    9f3d88a9a339463e9a257c789dda8c9c7d00039b3f38e6bd028b9fb06afefbcb

  • SHA512

    30449090340b080d31a42a45ff9d469a6b5c91cae824b2a353029efe5ddec5fe9b0d29e7fd71e94fd7275af8b8b0625524d1af634112508a94addb040b264603

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza198Hvnh:6uaTmkZJ+naie5OTamgEoKxLWAPh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables containing commands for clearing Windows Event Logs 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9f3d88a9a339463e9a257c789dda8c9c7d00039b3f38e6bd028b9fb06afefbcb.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

