General

  • Target

    00a2fba75123949ae69935e23c5daae71321aa6657987d49dc8095d92993b53f.exe

  • Size

    707KB

  • MD5

    f9e31dfde5ae4bfd7c3a062f45711f45

  • SHA1

    8131bc19995597889b9a0fdc25df30bceebcd87f

  • SHA256

    00a2fba75123949ae69935e23c5daae71321aa6657987d49dc8095d92993b53f

  • SHA512

    a38d9a0d0591dfde9633b2ea388a591c15713bdeae0ba7de7a1df6e928e68a03c6f8c2e9df31eec2f091a6481b728faa75d8b2d3326d42c92beac518faebdbcf

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1Y8Ovnh:6uaTmkZJ+naie5OTamgEoKxLWLQh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 00a2fba75123949ae69935e23c5daae71321aa6657987d49dc8095d92993b53f.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

