General

  • Target

    0d47e0947578fe5497a51500db61c02e92b94145b8a6503705d8c62182a9b7ec.exe

  • Size

    707KB

  • MD5

    dff1a3374dae1e4f9b6fc355b963c3b9

  • SHA1

    a1cac4fe9f9500bd8fbad4576ec092b5faec077b

  • SHA256

    0d47e0947578fe5497a51500db61c02e92b94145b8a6503705d8c62182a9b7ec

  • SHA512

    744f850d3049747c2d8405a7d13067deb2ecafa98f62017d56bd2e977733529268478c8991c26f63116f9b27b31ba2a70a16bc29ab0683ef644a22652dd1bcc2

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L80vnh:6uaTmkZJ+naie5OTamgEoKxLWaKh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0d47e0947578fe5497a51500db61c02e92b94145b8a6503705d8c62182a9b7ec.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

