General

  • Target

    297888a2334139f82c00d816a0751d1763e20d260bd9f4f835320f2be4aa3726.exe

  • Size

    707KB

  • MD5

    6ced7eed9cbdc9a9cfcf2c8570f04102

  • SHA1

    da6ec46aa83212aad115071ff51fe36823bb3436

  • SHA256

    297888a2334139f82c00d816a0751d1763e20d260bd9f4f835320f2be4aa3726

  • SHA512

    7fca6d052301abb6837c3f2ee081e8660c8b5d0612319d24a258ef65d92391079b9d0db88fc20fdd4193f25ffd00582782f40be92c6f032e0b5eca4bcb9057e3

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1R8hvnh:6uaTmkZJ+naie5OTamgEoKxLWk1h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key/value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 297888a2334139f82c00d816a0751d1763e20d260bd9f4f835320f2be4aa3726.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56