General

  • Target

    998f73d577cd6e00b95be097bed358748fcda3525a46f4eac6a5e6bfd62a1e0e.exe

  • Size

    707KB

  • MD5

    fd84089265f8d364475730755ac7916f

  • SHA1

    03678f77089dfcce49ae6ec739aa9db9db136944

  • SHA256

    8825914dc4776cf69cb350afc7485b02a1efc187e7456bf3430ad361bb490407

  • SHA512

    b64d5e0aa0faabbaad4aaa90df168b21cb8487968319b3b99273e381fdf66eb74aa58c6fe706afbc782722532c2aed00fc2ccf3a78cfc9251e60522527b3a016

  • SSDEEP

    6144:QcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1/8Uvnh:auaTmkZJ+naie5OTamgEoKxLW2qh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 998f73d577cd6e00b95be097bed358748fcda3525a46f4eac6a5e6bfd62a1e0e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

