General

  • Target

    446a121544418c49e8fb3143bdea488b90628c5a6dfe546c6e20e07d153d7ea6.exe

  • Size

    707KB

  • MD5

    b198415f6750605f8f049447732aae44

  • SHA1

    171397508c62706a8526ca1740f3c917bf84524d

  • SHA256

    446a121544418c49e8fb3143bdea488b90628c5a6dfe546c6e20e07d153d7ea6

  • SHA512

    915fac76046ea93d75af96a846825a73491baf877506ba8010886d8270b22a6607b33505719051423524789169616176b5883dcb086ae11e0c30106410fa4e9d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza138Mvnh:6uaTmkZJ+naie5OTamgEoKxLW2Sh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 446a121544418c49e8fb3143bdea488b90628c5a6dfe546c6e20e07d153d7ea6.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

