General

  • Target

    2ad347e44071e0c6ffcf4e1513b2b1eb8df72efae911c6e62cf4133fb7f67894.exe

  • Size

    707KB

  • MD5

    99f903469216c56fe611e9f0cf12021c

  • SHA1

    093e348925294cac46d839b1e7f7898e189386c0

  • SHA256

    2ad347e44071e0c6ffcf4e1513b2b1eb8df72efae911c6e62cf4133fb7f67894

  • SHA512

    df48f46497592637eba882260995c850d170dd16e18b83053f75e372bbf2a62c73b572ecb5316f2b39cc5b953f3cde59428e8c920a22ac9d09082656f90238c4

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1O8ovnh:6uaTmkZJ+naie5OTamgEoKxLWVWh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal; observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM; observed in ransomware (1 IoC)
  • Detects executables embedding a registry key/value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2ad347e44071e0c6ffcf4e1513b2b1eb8df72efae911c6e62cf4133fb7f67894.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

