General

  • Target

    7ba8bebf45f155fcaa7ac341106fd9366051d5999a28ebeabb7acb22f8737433

  • Size

    959KB

  • MD5

    de7842054652843bb0ad6b22b5d027ac

  • SHA1

    40c64082e19e9fff71ca827325b16f6a724afb8a

  • SHA256

    7ba8bebf45f155fcaa7ac341106fd9366051d5999a28ebeabb7acb22f8737433

  • SHA512

    461639bc7ad84ffaa91585664d726a75cb5e7eb383b74d19547269f1f4f7126265650410fd7cd5ad248be43d91769ef79083b4f05baa84805773c101ba8983c1

  • SSDEEP

    24576:uLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdyF:Ujrc2So1Ff+B3k7960

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 7ba8bebf45f155fcaa7ac341106fd9366051d5999a28ebeabb7acb22f8737433
    .exe windows:5 windows x86 arch:x86

    216df81b1ef7bc2aa8ec52bbeef137c9
    Headers

    Imports

    Sections