General

  • Target

    241ceb49a2e8efd89c86a90f97e9f0ab8747b710e6cdd57491148b32f454a1d9.exe

  • Size

    707KB

  • MD5

    a49b780d41fa4e96e5f5cb75954f79cb

  • SHA1

    1fcff3350cd5dd00cd71f138768b52d7d6b385df

  • SHA256

    241ceb49a2e8efd89c86a90f97e9f0ab8747b710e6cdd57491148b32f454a1d9

  • SHA512

    d7567ac4e45a1b1c2151ec9a9de0a53258b8669a553ca4365718286bf74ffd7e5ba61a03fb5edc57b8f78a2a1af551689f0bd47c63d85af5884557c1eb3a2f02

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1i83vnh:6uaTmkZJ+naie5OTamgEoKxLW5fh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 241ceb49a2e8efd89c86a90f97e9f0ab8747b710e6cdd57491148b32f454a1d9.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

