General

  • Target

    0d9ee9ad5c9cbdf41c1274daccba1ca0b6a89da82b074d2623e3e76d2e10b60e.exe

  • Size

    707KB

  • MD5

    49bb22f84276ccd832187c9f002ea55b

  • SHA1

    9bfcdb619bae033e3e898886ba84c02fc168cbfd

  • SHA256

    0d9ee9ad5c9cbdf41c1274daccba1ca0b6a89da82b074d2623e3e76d2e10b60e

  • SHA512

    899e8de15f4ca9c2ffe23b2ef67d5cd6ad67d43c596c2719fa29000e0815cd79336225004adcc187d1ef243329cbb8e28adbe28c0c24497371faa03cea2848b7

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza138hvnh:6uaTmkZJ+naie5OTamgEoKxLW+1h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0d9ee9ad5c9cbdf41c1274daccba1ca0b6a89da82b074d2623e3e76d2e10b60e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

