General

  • Target

    0dccfb2509f8a2d6850ee7aa608d7ce534aab6e210a7684eee98ea8acc1dc84b.exe

  • Size

    707KB

  • MD5

    09efb7d6a2e18c2916dc4134e3b261fd

  • SHA1

    c49fd19006e803c46b9d00fa31515474ed6d56a5

  • SHA256

    0dccfb2509f8a2d6850ee7aa608d7ce534aab6e210a7684eee98ea8acc1dc84b

  • SHA512

    7248f5740c3adb53354ee9561921ffca3394210a70ae82f1c07093c138b346079098b0321ce8e063846a0e09d1cd6c253e606a217bd70c0dcc539eebd1073aa8

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1w87vnh:6uaTmkZJ+naie5OTamgEoKxLWbrh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0dccfb2509f8a2d6850ee7aa608d7ce534aab6e210a7684eee98ea8acc1dc84b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

