General

  • Target

    251453e2dcd975f45f4d9449466c944d135253a26cda232d9330a012f3ae32bf.exe

  • Size

    707KB

  • MD5

    975ccc52b908db791af70252539d772d

  • SHA1

    399ba4dc4a487487292440418809fb3d524717a7

  • SHA256

    251453e2dcd975f45f4d9449466c944d135253a26cda232d9330a012f3ae32bf

  • SHA512

    ba1265d47a4e6719e024f7e6ec0138cd6b891a8dc2ed80f366e563d399bebe7d371b25a9188cad8cf49b8527c80436b26961d1dd612e59b40070bc78f20af528

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L8fvnh:6uaTmkZJ+naie5OTamgEoKxLWC3h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 251453e2dcd975f45f4d9449466c944d135253a26cda232d9330a012f3ae32bf.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

