General

  • Target

    2024-04-09_b445cc5479b49abd035f104aa704b8ab_petya

  • Size

    2.8MB

  • MD5

    b445cc5479b49abd035f104aa704b8ab

  • SHA1

    d5c94b8fd29d7a073cd5428c0327af9f516a2346

  • SHA256

    9eaef2a3e9a8c5f39a9c7b394e87cd14b2b923db545bb9ffedd1bf524b435a89

  • SHA512

    694d1c6a2c9ed4a786a02b2a4c8178a5f2ae03b326af20673082c45f5a26a7d24b0b677db4d4e0cc4010fc9509724060dc1a71ad2115399e7d6586ae2456113f

  • SSDEEP

    49152:ri94FiQoRiPoPoxsWsaLevUBwsKV/cUZFdXrX75hJSCACytBxZV6X4snchEl/jnS:r1k8+dm3Oxji2l8U7WuTMCPeM2ieLTyC

Score
10/10

Signatures

  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware. (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2024-04-09_b445cc5479b49abd035f104aa704b8ab_petya
    .exe windows:5 windows x64 arch:x64

    32ebf6d05d9909a5528c036496ee3157

