General

  • Target

    416b31b85012bc72bf9637788e117d968218f3465b74d496b72416fbfca7a158.exe

  • Size

    707KB

  • MD5

    ec46ee75f9c2d0b30ecbc4d8bad390df

  • SHA1

    fbf0a3394238308d26742698f99dc86555e8ab74

  • SHA256

    416b31b85012bc72bf9637788e117d968218f3465b74d496b72416fbfca7a158

  • SHA512

    268cf568427a5f09c329800ca5dca9061ff94dc8e588d5c507828b651b3da61be48375c976c244f10355b496b2ad50b498387b1b1ad6e33c89df748e74a92a3e

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1U8yvnh:6uaTmkZJ+naie5OTamgEoKxLW3ch

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 416b31b85012bc72bf9637788e117d968218f3465b74d496b72416fbfca7a158.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

