General

  • Target

    0eaaf70685ee5e42d1707d8e1e0e0504c7b4a10755a9c1fcca5f0df71573ec67.exe

  • Size

    707KB

  • MD5

    6c39cb18cb6264d97980fc6e08930bab

  • SHA1

    aa83e2a6b723d26e2e5aabe000db4abf61dd66d4

  • SHA256

    0eaaf70685ee5e42d1707d8e1e0e0504c7b4a10755a9c1fcca5f0df71573ec67

  • SHA512

    0189cf14614c88be5215d78b7af63cd95c3d9218d89534b706b18298f967547cfcaeb4ac4458ad035966880a060c7fbf3aefc2e2a26d7953876370ec6d664239

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1a8svnh:6uaTmkZJ+naie5OTamgEoKxLWhyh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0eaaf70685ee5e42d1707d8e1e0e0504c7b4a10755a9c1fcca5f0df71573ec67.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

