General

  • Target

    f6b922d337cf9b620ad33df6cda4208e91fca62ae112b51415e7bd7dfce15804.exe

  • Size

    707KB

  • MD5

    f5e42acb319fd802b9dfe75410a429e3

  • SHA1

    33c312d0cd553baf8e8b2355f451bb5e10e46e2b

  • SHA256

    f6b922d337cf9b620ad33df6cda4208e91fca62ae112b51415e7bd7dfce15804

  • SHA512

    8d926485372b80fad3d7f49052a03b9fc82766fb56c5fc8eb332ad8b28eb4582a1d506a5d942b2dcd05f6b352d0d01487c05a1d1eff46c69377304d8a4ab1f32

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1d8zvnh:6uaTmkZJ+naie5OTamgEoKxLWYzh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f6b922d337cf9b620ad33df6cda4208e91fca62ae112b51415e7bd7dfce15804.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

