General

  • Target

    84ba9ebe889c3e289a22d88291fa483fe1700e87e1cd5191e8cf41f213b13003.exe

  • Size

    10.9MB

  • MD5

    a82df55a03a3dc038985a30f797cef24

  • SHA1

    fd30147c88f65ee9c83da7fc98c75c02a2fa7b8f

  • SHA256

    d1d74ec1039ff5aab99faf99bf70fb07f6b4c763a0c2fbc08b702ec9dcb03834

  • SHA512

    d587cb272e28d8142a1e62fb926637c9b3be348984f17afa390b29fe04c726286de95a2f881b22b187881d2e1a440306306cb91ce16f1cdfb1f6fc5c368194b9

  • SSDEEP

    98304:xnwgVIXh9xYacrRyyVyGHAeBSut+aFNnLlPLeqNZ8hY/LKbxabdDkEduupRlQgWm:u/YaolX+aFFLlPKQ8hY/RkQWslX4ge+

Score
10/10

Malware Config

Signatures

  • Detects binaries and memory artifacts referencing sandbox DLLs typically observed in sandbox evasion (1 IoC)
  • Detects command variations typically used by ransomware (1 IoC)
  • UPX dump on OEP (original entry point) (1 IoC)
  • Detects Pyinstaller (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 84ba9ebe889c3e289a22d88291fa483fe1700e87e1cd5191e8cf41f213b13003.exe
    .exe windows:4 windows x86 arch:x86


  • psexec.pyc