General

  • Target

    05f704fe15fe8c03e706a03e0d03ea4aa3e60818c654de3364b3fbf0bc157241.exe

  • Size

    707KB

  • MD5

    1928d50dfcf88a3ef0ad7e99215dfd62

  • SHA1

    b1668172f56d359cef06e874a6a80f39bd8bd971

  • SHA256

    05f704fe15fe8c03e706a03e0d03ea4aa3e60818c654de3364b3fbf0bc157241

  • SHA512

    b3a8e97b1add38be6a8e6f2387067f2803fe654fc77a623a79e32b85e41a98761617fb189f7c5ae7bb49bd73ae65665c3853a0a759f8c5e4dbf9fc1bcbc579b3

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1f8mvnh:6uaTmkZJ+naie5OTamgEoKxLWuYh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 05f704fe15fe8c03e706a03e0d03ea4aa3e60818c654de3364b3fbf0bc157241.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

