General

  • Target

    02fe5f0b8374e02114e2ce8c9a47044cbf175dc0d7055498388ed3fe84c7020c.exe

  • Size

    707KB

  • MD5

    c686b20c4329eea3e0517c8743e78ca5

  • SHA1

    7ba41ff012e6dfa42edabff816e17dd0dcbab493

  • SHA256

    02fe5f0b8374e02114e2ce8c9a47044cbf175dc0d7055498388ed3fe84c7020c

  • SHA512

    61735ecf0decce4556b012fc22e9e68a2fd1e52bc2c3ac5fb7fcc59f2c7a5f23889a92e60952815438a9a1c9b356eb210dd2a0c4df062c2ae679315ee49e46cf

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1E8yvnh:6uaTmkZJ+naie5OTamgEoKxLWnch

Score
10/10

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables containing commands for clearing Windows Event Logs 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 02fe5f0b8374e02114e2ce8c9a47044cbf175dc0d7055498388ed3fe84c7020c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

