General

  • Target

    a97c7ff0c791d8fd7cbc608128985dbc4f4ed12fb3d7363abe7b22d52abefb57.exe

  • Size

    707KB

  • MD5

    3a76f83c65e0d9f5c84d567a9420be78

  • SHA1

    2f0081a916b6715a43e2c7810a675606adc08ed7

  • SHA256

    a97c7ff0c791d8fd7cbc608128985dbc4f4ed12fb3d7363abe7b22d52abefb57

  • SHA512

    3897317cd78557326af9b02e71600333ef0ef78d347def52d8ca18625bc3cade9d552f8eb365269c4a55379702990dcb6792064e868c021db5cd99b75270bd8d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1P8nvnh:6uaTmkZJ+naie5OTamgEoKxLW+vh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a97c7ff0c791d8fd7cbc608128985dbc4f4ed12fb3d7363abe7b22d52abefb57.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

