General

  • Target

    d35618c42611f33eb8e19345307003db6d821aa010aa162c53875bc10c506108.exe

  • Size

    707KB

  • MD5

    f8d443a2a50430f800a26413f98cc3e7

  • SHA1

    f1ff583c8d4a5995fd69ed671df74f4ee7c4c3c7

  • SHA256

    d35618c42611f33eb8e19345307003db6d821aa010aa162c53875bc10c506108

  • SHA512

    38633279de068d70552f905d51dedaefa516ea7b88f1ddd558699b6595aceb643809eeb4e0eacf506901645da9571e3e23cdd62eec3fb0c37ef65d1d7e2de927

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1i8nvnh:6uaTmkZJ+naie5OTamgEoKxLWhvh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d35618c42611f33eb8e19345307003db6d821aa010aa162c53875bc10c506108.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

