General

  • Target

    9f977121e69827394ad84b9154d1fabc9ecbd77f14856dc22eb8f1ce6fe48f87.exe

  • Size

    707KB

  • MD5

    fe9200266a2eb410d992d7868cdc3200

  • SHA1

    bf70fcf0533f4d60a769d469e591be8880e1d7a7

  • SHA256

    9f977121e69827394ad84b9154d1fabc9ecbd77f14856dc22eb8f1ce6fe48f87

  • SHA512

    f32e1c6c07fbe8e6ac2be78739135820c83110aeb9fd8a351556cf96136f860c3dc844aa7b6f12ef82ae86a8e3f4b01726a99d6c45bd616c7b8222bbde6a9267

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1x8Yvnh:6uaTmkZJ+naie5OTamgEoKxLWkmh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9f977121e69827394ad84b9154d1fabc9ecbd77f14856dc22eb8f1ce6fe48f87.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

