General

  • Target

    1de7f0a8b95a8c732b2f9b957dde6752e7d8dfd3935d7adc933bebeed5000b4a.exe

  • Size

    707KB

  • MD5

    0c179f4140962a4cb8226ee12a47438b

  • SHA1

    7e9f2cc6a38db5ac94d2bbb126507206c37fd07d

  • SHA256

    1de7f0a8b95a8c732b2f9b957dde6752e7d8dfd3935d7adc933bebeed5000b4a

  • SHA512

    4a47583ce85041326330fc61d7270ab5e9659f885b266e45a4a1df7ec19ebb67cd9ca573c066ba16e7e8b6be392f49053a58a3cc4a8c356fa7f55f6b97c7091b

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1687vnh:6uaTmkZJ+naie5OTamgEoKxLWBrh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1de7f0a8b95a8c732b2f9b957dde6752e7d8dfd3935d7adc933bebeed5000b4a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

