General

  • Target

    b02d8929a77f32bf54f310ff6fa4a9f48df02f8976a3d646163fb1164108fec6.exe

  • Size

    707KB

  • MD5

    28475e94f98abc724a53794893557b53

  • SHA1

    b220b42faa2d51b8e515b2307e0c51ef1b0ce589

  • SHA256

    b02d8929a77f32bf54f310ff6fa4a9f48df02f8976a3d646163fb1164108fec6

  • SHA512

    49ec7316ca11946944b3603fd11e4f2ad5c8c7460617ab1eb29d6caaa63394f56b033cef69047e288f5fb46d82295b4cd149d3648da7aff1e342d97dd04e0cec

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza168hvnh:6uaTmkZJ+naie5OTamgEoKxLW51h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b02d8929a77f32bf54f310ff6fa4a9f48df02f8976a3d646163fb1164108fec6.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

