General

  • Target

    965b501dab2d2fe5def50ed9d60997d501a07aa99b4fbe34db1fa79d19fa72a4.exe

  • Size

    707KB

  • MD5

    3cd730fb261e335055bfd0ef81104796

  • SHA1

    121ad527174fe7daba35d7f392b0d071be3bd75b

  • SHA256

    a231e2cef0af594d753eda1627fed3bc6495c38a22fe3b0fa001bb5627ee43e0

  • SHA512

    4e997d4244e360a39a43245dd789d4c698e6d7dd630a0563a66ade18805220220b5617019bccb25bc5d423f116ce1cb60fffb38ba929193e36603bbf90890647

  • SSDEEP

    6144:QcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1W8svnh:auaTmkZJ+naie5OTamgEoKxLWNyh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 965b501dab2d2fe5def50ed9d60997d501a07aa99b4fbe34db1fa79d19fa72a4.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

