General

  • Target

    3fa4a10d6132b2c7234726ce029c65ebdd605335bd29befd37118f23cec1afb3.zip

  • Size

    5.7MB

  • MD5

    c6757e0216d77d7b4425ec238b1c7ff4

  • SHA1

    d304f97d9b77953a2a03ec6337f081ab9cb2522b

  • SHA256

    3fa4a10d6132b2c7234726ce029c65ebdd605335bd29befd37118f23cec1afb3

  • SHA512

    d4df9170c48459534fe73d3ab951e003888d5fa8eac1c3bc6834c32adca28d41ae697935e96ed0f8ad7bacd87e62ecc9bbac0c1179056f3022be10b1f54247bb

  • SSDEEP

    98304:AiVR2NGWlwraUvwtRaEQuskGb7V/b6UNMmUY3PEMUjFaepv8X8rRFlMs1:AiVR2zqrbvQBiXZU+ENVUX8lrMG

Signatures

  • Blackcat family
  • Chaos Ransomware 1 IoCs
  • Chaos family
  • Detect MafiaWare666 ransomware 1 IoCs
  • Detect Maui ransomware 1 IoCs
  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Mafiaware666 family
  • Maui family
  • Njrat family
  • UPX dump on OEP (original entry point) 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3fa4a10d6132b2c7234726ce029c65ebdd605335bd29befd37118f23cec1afb3.zip
    .zip

    Password: infected

  • df9498892ae72f611128c9a8bc57b93964f34cc235f5aaf57fe10fb2b3c69aa3
    .exe windows:5 windows x64 arch:x64

    aa466c044f0d2d2f6270070fe1bddf7b