General

  • Target

    fb03c6792991587ad2d15f6ab9c4a5c5f5d6a5adea7b4ffccadb861fa5437a2d.exe

  • Size

    707KB

  • MD5

    5e09522ec45fbd64e00b6a053718cb10

  • SHA1

    0ef0c008a1f8be8060dafca399ecab472be587cd

  • SHA256

    fb03c6792991587ad2d15f6ab9c4a5c5f5d6a5adea7b4ffccadb861fa5437a2d

  • SHA512

    bae87ddc0a33efe6d5472541602fdafb927292bd8a7095a3b2bb2a7547e324072713f46df6bae147614ca834b5e2bd4b4fe91293e943f72401801ddb451d5800

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1E8cvnh:6uaTmkZJ+naie5OTamgEoKxLWfCh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fb03c6792991587ad2d15f6ab9c4a5c5f5d6a5adea7b4ffccadb861fa5437a2d.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

