General

  • Target

    341ab21184047d3dd2c2a0cc4e00c560164f661ef3f64f929b87f3939b05ba8b.exe

  • Size

    707KB

  • MD5

    637d865e80421d63e96f4b98667cec6e

  • SHA1

    4ae9e35245b12c4e21171def3fe8435a7df616a9

  • SHA256

    341ab21184047d3dd2c2a0cc4e00c560164f661ef3f64f929b87f3939b05ba8b

  • SHA512

    6564ae9cee293ab3838d01a63949b5cec61020e186089ca9b60629cfabf16532f9e0ec91430d93f60a0ed7c057dd4c99cd7dccaa60d8d3217171bd9c0614e744

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1W8/vnh:6uaTmkZJ+naie5OTamgEoKxLW9Xh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 341ab21184047d3dd2c2a0cc4e00c560164f661ef3f64f929b87f3939b05ba8b.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

