General

  • Target

    74437ac6c9f630c52c7e230d57d38c4cbc3affb3bec9215f090a0e3dca8e9d78

  • Size

    959KB

  • MD5

    e9cd8c321b68118611a0863b0b91b8f5

  • SHA1

    dde3509b41639f4ae7383bcd7b1c17db88b667cf

  • SHA256

    74437ac6c9f630c52c7e230d57d38c4cbc3affb3bec9215f090a0e3dca8e9d78

  • SHA512

    35fd50ec73ac69aab6c98a1f107c418acaffd9c4c933133064776962520a94d54f796b59558d72ede581e78e405b55c22f7a40d0788244f6d274fe399facacf3

  • SSDEEP

    24576:uLjr3s2nScu1i1tz3f++5kRzFxk7rMxNeR1R9qpdAF:Ujrc2So1Ff+B3k796W

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 74437ac6c9f630c52c7e230d57d38c4cbc3affb3bec9215f090a0e3dca8e9d78
    .exe windows:5 windows x86 arch:x86

    216df81b1ef7bc2aa8ec52bbeef137c9
