General

  • Target

    d79d1d96243510275d4c9c8b8a16ec05cf33577a7eacbe48bbe22666d189d833.exe

  • Size

    707KB

  • MD5

    c3ee253785aa1228371d211bf5e31939

  • SHA1

    36a292fde67393a80a930b4645d0508e0edb11da

  • SHA256

    d79d1d96243510275d4c9c8b8a16ec05cf33577a7eacbe48bbe22666d189d833

  • SHA512

    61d27ac57745a85e7cb6fba2578a635b8ec94c29cbdf282d8ae69e04b4854a334ea4064d5b739d6ecc5c30b5fdb795065113d0318ed2017d072d74a84bc75f6b

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1/8avnh:6uaTmkZJ+naie5OTamgEoKxLWO0h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d79d1d96243510275d4c9c8b8a16ec05cf33577a7eacbe48bbe22666d189d833.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

