General

  • Target

    f37a67d05b00f639cfa3ddca018ef18fc3d5c823627ce8a2a0e88d4786b1d275.exe

  • Size

    707KB

  • MD5

    2260fea4196e90209f401a984e4038d2

  • SHA1

    e4c46252a411072b16a9584b39dc05b58772f85c

  • SHA256

    f37a67d05b00f639cfa3ddca018ef18fc3d5c823627ce8a2a0e88d4786b1d275

  • SHA512

    a872cc34eea6875b45d6074a8fe120835efc94abf3e2dc8dfc1f71015584a47d1cfcfb9da545405ea8b4f703b337365a590237da33b5e93c550a2bb54e7c5aac

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1U8uvnh:6uaTmkZJ+naie5OTamgEoKxLWPwh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f37a67d05b00f639cfa3ddca018ef18fc3d5c823627ce8a2a0e88d4786b1d275.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

