General

  • Target

    4998537c17b23f689fdc70b72ce4cd54011933a7854b781991ba2d56b7a05832.exe

  • Size

    707KB

  • MD5

    499b825178776dba4d0e9f5f9e8b0d0a

  • SHA1

    8baefa40854ea42886d25b1f7f9bd146142e9173

  • SHA256

    4998537c17b23f689fdc70b72ce4cd54011933a7854b781991ba2d56b7a05832

  • SHA512

    30661743ab32eba56585ce5f64e36359a9bd50521b3a0d1f974c8106413c0af7474e9077fb78c80cd4dd2089d02bc37f3144f14a84034da2520511c85c91a9b0

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1381vnh:6uaTmkZJ+naie5OTamgEoKxLW2xh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4998537c17b23f689fdc70b72ce4cd54011933a7854b781991ba2d56b7a05832.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

