Overview

overview

10

Static

static

10

fef1f9664f...69.exe

windows7-x64

10

fef1f9664f...69.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fef1f9664fde9b23754c691b15a05fdc35a51a0ceb8a18fb9a5a0166e6377c69

  • Size

    959KB

  • MD5

    41687e58130c8bdca248e1403e565afb

  • SHA1

    6eda5da62e5073a67ff89dd89b85328dd2df73d1

  • SHA256

    fef1f9664fde9b23754c691b15a05fdc35a51a0ceb8a18fb9a5a0166e6377c69

  • SHA512

    6cd670e5f14a8d6fa1b5894a89cfe514d403f3f8dc82be9c83f86345be72d218844cd3f8c1c045deae6a292796d6d280efe49c8de724abda038c522407a14cde

  • SSDEEP

    24576:TLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdAF:Pjrc2So1Ff+B3k796W

Score
10/10

Malware Config

Signatures

  • Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fef1f9664fde9b23754c691b15a05fdc35a51a0ceb8a18fb9a5a0166e6377c69
    .exe windows:5 windows x86 arch:x86

    216df81b1ef7bc2aa8ec52bbeef137c9


    Headers

    Imports

    Sections