General

  • Target

    258c602b3860dea886e63f526e507e64750136574730a59660d526b295b45f1b.exe

  • Size

    707KB

  • MD5

    7f0b71bbac2b82cba49c98a442fd0ce1

  • SHA1

    60bfd87c9e14d89cf580e89094a0992ca90413d0

  • SHA256

    258c602b3860dea886e63f526e507e64750136574730a59660d526b295b45f1b

  • SHA512

    1759012fddf5f128255ecf394bb61aab0361e3ea598ff814601dba337847ca33a3c6a625eb268d5243c4a30b934abf1c625b9f85aad789e3366bc153c1542c59

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1V8Evnh:6uaTmkZJ+naie5OTamgEoKxLWo6h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 258c602b3860dea886e63f526e507e64750136574730a59660d526b295b45f1b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

