General

  • Target

    3ae560665ace3d7f3827ba6764f23b759fb32b143c801098a95f02f4342c5048.exe

  • Size

    707KB

  • MD5

    9cf2a5810c6f7a45be996a3bb28205d8

  • SHA1

    16e8caeb85fb668a8f80582b6ffce7a019c3c106

  • SHA256

    3ae560665ace3d7f3827ba6764f23b759fb32b143c801098a95f02f4342c5048

  • SHA512

    69e3a079729634e078630b0062b95cf9e0f9abd40a04a7942a0b60f2ff0c0591ff03280792538d85f34b6b360eba6ce4dc4c5773e5ce7db86d2257955efb37c3

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1d8cvnh:6uaTmkZJ+naie5OTamgEoKxLWQCh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables containing commands for clearing Windows Event Logs 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3ae560665ace3d7f3827ba6764f23b759fb32b143c801098a95f02f4342c5048.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

