General

  • Target

    fd2707ffb11e874235a2167f1d634e69831a706534112d7652f69ed23a3bae98.exe

  • Size

    707KB

  • MD5

    ae5ccdeb5e3e9760526388c3c132596a

  • SHA1

    8927111f6e77640b4c7cea00d37ac43b65009fd4

  • SHA256

    fd2707ffb11e874235a2167f1d634e69831a706534112d7652f69ed23a3bae98

  • SHA512

    c7570140371b61fef896c91ee5133d59d1f219c75e6d430496f6faadd250f22cabd9bab75fb3f0f289af34e5de7d4899f10fac1e40ce7548dc4896a0938d657f

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1p8yvnh:6uaTmkZJ+naie5OTamgEoKxLWkch

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fd2707ffb11e874235a2167f1d634e69831a706534112d7652f69ed23a3bae98.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

