General

  • Target

    3b736a1ff2ab837584240eaabb24228568fce4c1ba8abdb2bc962fe4dfcc8db1.exe

  • Size

    707KB

  • MD5

    7a40cddd2212040fc7b4cb10ead9ea5d

  • SHA1

    8bed5526e02898de8156c6c7dcf59d2b46fe2cc6

  • SHA256

    233204b3c07fc14580dc9d8aaf573d3e5297347420d8cd91a9501487c570eadf

  • SHA512

    9a3c7be8a0706969d99b9314f8c2285a3abf8d4d19840753dfe7d392c5a0ca8b2cb7affdf1ee7875048a3f9c3b0e62119840685c86660ceb9bf4dfea7aa2a30d

  • SSDEEP

    6144:QcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1a8Qvnh:auaTmkZJ+naie5OTamgEoKxLW5Oh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3b736a1ff2ab837584240eaabb24228568fce4c1ba8abdb2bc962fe4dfcc8db1.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

