General

  • Target

    46a12a0e259d85c60ba0c87f827e385ad4b6775a130b7749670588364dfcefcd.exe

  • Size

    707KB

  • MD5

    d3e62fafb034d62c1755e066d938caf4

  • SHA1

    7df49791cd03ef1f64c9b0f3acea975e59cd3df4

  • SHA256

    46a12a0e259d85c60ba0c87f827e385ad4b6775a130b7749670588364dfcefcd

  • SHA512

    bc7cbbaf7cf66b425e32ab9578a2a0262cfc4b6b17cdc2f4d2187dc686299c11294e970c69c2fc68e9b904b4fdf7ffb0a11125fc858e5ca2f400cd1240b9d38f

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1M8cvnh:6uaTmkZJ+naie5OTamgEoKxLWfCh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 46a12a0e259d85c60ba0c87f827e385ad4b6775a130b7749670588364dfcefcd.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

