General

  • Target

    2ecf1fe02d8fb099b68e4d9bceeeadbe5fc8347f5a76d52f35ed48b516963735

  • Size

    959KB

  • MD5

    ebd239b8b8fe486b2a13a5896a96d044

  • SHA1

    60821226d8d934d488d4f8e8081c32c6a73f8929

  • SHA256

    2ecf1fe02d8fb099b68e4d9bceeeadbe5fc8347f5a76d52f35ed48b516963735

  • SHA512

    2bd55c0548c3bdccde061098ed314705c131e745c8a7503708f2e8a5c98beb94fb55c7f7a183945c199badcacae37d81e5edc9afd9c802b2778867928e7371f6

  • SSDEEP

    24576:uLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdHF:Ujrc2So1Ff+B3k7969

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2ecf1fe02d8fb099b68e4d9bceeeadbe5fc8347f5a76d52f35ed48b516963735
    .exe windows:5 windows x86 arch:x86

    216df81b1ef7bc2aa8ec52bbeef137c9
