General

  • Target

    2d71186ea0c4fe84917503ab8e2405379dd8e509f78760380b0214d092bb3a42.exe

  • Size

    707KB

  • MD5

    ffc2ee8930a02215e3349b1eff2a698f

  • SHA1

    ca883a359cbcda4601d9bcb55838995c9cce37c2

  • SHA256

    2d71186ea0c4fe84917503ab8e2405379dd8e509f78760380b0214d092bb3a42

  • SHA512

    9f5a8c4ae19802b957e0f2ac66ca317e202e27f4c6ccf980e957497ca4f2207b5b6bc0ec8a3ae1b3f9534e2e2134dfec055bcfdf63c2100e561706e56084bc94

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1i8jvnh:6uaTmkZJ+naie5OTamgEoKxLWZDh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2d71186ea0c4fe84917503ab8e2405379dd8e509f78760380b0214d092bb3a42.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

