General

  • Target

    10b4921dbf94a5654138b659460645cc58f415e0d17ba9ab981a46935ecb4f72.exe

  • Size

    707KB

  • MD5

    f1660a88f6ebeea219fb4a54e1811820

  • SHA1

    350a0f76cd26e158ee10ed4baad419048682b8a7

  • SHA256

    10b4921dbf94a5654138b659460645cc58f415e0d17ba9ab981a46935ecb4f72

  • SHA512

    d744e45d2b0e12feff36a4ad2702a9dbf01da1ce2524ff4f7b110e344360a17ca9d2c384c97ce9631d61c13ec8d68bd719b6f301d6d59f4ea8dd903d34bbe075

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza118jvnh:6uaTmkZJ+naie5OTamgEoKxLWgDh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 10b4921dbf94a5654138b659460645cc58f415e0d17ba9ab981a46935ecb4f72.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

