General

  • Target

    16d2450379af27175878219bea1592ed16ae80d6ab393c254a59febdab437521.exe

  • Size

    707KB

  • MD5

    dc912f1c1d2373a6ab3c869a02c12dbd

  • SHA1

    587862119b4fe0f927b68d0b4419b34f29bc66d7

  • SHA256

    16d2450379af27175878219bea1592ed16ae80d6ab393c254a59febdab437521

  • SHA512

    8d9d50afa88a8933d6796fa7ec1b3df0a7fdbe39199f465fa853cded313d1a213844b2e07ba823fe9d94f7aa6adac55e2a88fa6f901e02be64a0dbf5485f8450

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1q8Tvnh:6uaTmkZJ+naie5OTamgEoKxLWJTh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key/value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 16d2450379af27175878219bea1592ed16ae80d6ab393c254a59febdab437521.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

