General

  • Target

    791e711c2a3f54445be73d339b0e4fee045671d25e853a093733c2b2ae27b467.exe

  • Size

    707KB

  • MD5

    9c401995b3c6469f328acc44463969c7

  • SHA1

    4588eae9d3e63cfaa3e0a0cc8a8d1300fbb75ca0

  • SHA256

    1b22031cfbc484c71710e804114b1831f81257c567562a8349a0c63414cc6f1f

  • SHA512

    8e57fe93ec4f63126bcb24a9e405e8e9e4b04d803650c276c785c11c0d631d3c6b3904e602a58f4c1139ac1b9775efb581ede272c6e390f71497e2595c4c0d8f

  • SSDEEP

    6144:QcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1d83vnh:auaTmkZJ+naie5OTamgEoKxLW4fh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 791e711c2a3f54445be73d339b0e4fee045671d25e853a093733c2b2ae27b467.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

