General

  • Target

    12592346f142796384d9aa9af5e343e0f78090d0538a803ef9b5ccb6bbe1455d.exe

  • Size

    707KB

  • MD5

    eb7073e0b1728566b8f863646a3f9f65

  • SHA1

    1287b4ca1bd01b2ffdb9829b2d9c3576729dd3dd

  • SHA256

    12592346f142796384d9aa9af5e343e0f78090d0538a803ef9b5ccb6bbe1455d

  • SHA512

    601bdb598495c6c5408ef5aa8520f997996ca5ab08c1e6084dcdb03a67c6ed0a3d28c5fea7a1daf1d08a317368d1955341a15acffe6057866ce900d57c5cdba5

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza178Cvnh:6uaTmkZJ+naie5OTamgEoKxLWqMh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 12592346f142796384d9aa9af5e343e0f78090d0538a803ef9b5ccb6bbe1455d.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

