General
-
Target
3d475c0e54a34cfebd641e295dedeacddf087d29dee6129a99d44a73b05e69a4
-
Size
959KB
-
MD5
c5c110eca721f50883edc99948d2ba88
-
SHA1
48da944b626644721d5f9a30e193cf8edc42145d
-
SHA256
3d475c0e54a34cfebd641e295dedeacddf087d29dee6129a99d44a73b05e69a4
-
SHA512
00872b91db2a964db7a1d53687b8997e57d28aade8bf6fa3ef2367ba32f276ce8244b0b9ed5279f6bd06423c12314eede0931a12210ac8b60710e7c01735dd8d
-
SSDEEP
24576:uLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpd+F:Ujrc2So1Ff+B3k796w
Score
10/10
Malware Config
Signatures
-
Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
-
Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
-
Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3d475c0e54a34cfebd641e295dedeacddf087d29dee6129a99d44a73b05e69a4
216df81b1ef7bc2aa8ec52bbeef137c9
Headers
Imports
Sections