General
-
Target
2024-05-09_1dd1a6928f31d1d03f8321b0dcada558_darkgate_ransomlock
-
Size
1.3MB
-
MD5
1dd1a6928f31d1d03f8321b0dcada558
-
SHA1
40f725f4e62be0a2715f6d4ec8fe7c762658947a
-
SHA256
bbd7cc6c4b1aed24377b9f4148127b8b915c63e9ec6f38c81baae282668f4f05
-
SHA512
a0964c1fe565ec816147972418bd6070416523cfd6c777ecf38cc368c66ee5c0e4095141db29507d7ef66b88519b18127570d3f7355e53eb814613d2eda2efda
-
SSDEEP
24576:/wxPanDWDAxfy+t4g6cBLi2iYQOlbQTAIUq:oxPpWTjPJplUTjUq
Score
10/10
Malware Config
Signatures
-
Detects executables containing artifacts associated with disabling Widnows Defender 1 IoCs
-
Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2024-05-09_1dd1a6928f31d1d03f8321b0dcada558_darkgate_ransomlock
Headers
Sections