General

  • Target

    9fa8c1176b9b8e8cdc596aa0595155c96a84ce78f003b738e05780c131ed300c.exe

  • Size

    707KB

  • MD5

    13feaa1a66ed1bff570c6bd1983b1a44

  • SHA1

    8115c2f04c3ed9b2dc155944d47c732e9599b82f

  • SHA256

    9fa8c1176b9b8e8cdc596aa0595155c96a84ce78f003b738e05780c131ed300c

  • SHA512

    fcb33ce6b45ef56ad41cf68164dc5c5eb40b18f52e3243dfa517f300b80607c28d1b8718d64f34fc7fa9aea60d7c9b7fd68bac87a46b02b8fd76dbf538e92e7b

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L8mvnh:6uaTmkZJ+naie5OTamgEoKxLW6Yh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9fa8c1176b9b8e8cdc596aa0595155c96a84ce78f003b738e05780c131ed300c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

