General

  • Target

    365c1191a2a1989cfd4c774f1caf38646a5b8377071f6c2b342bf808813bd9de.exe

  • Size

    707KB

  • MD5

    ed6d49543752e3a565c39aff6be7a140

  • SHA1

    91c42000ffea869c49f35d79b7f6e302eeb2d750

  • SHA256

    365c1191a2a1989cfd4c774f1caf38646a5b8377071f6c2b342bf808813bd9de

  • SHA512

    095c1c7e23d6fb1daa5ea717b7aeafdd8b7bd66fea725d530fcc229c2a144672c42290879fe8b308b30ad14b60f9d9e65b2b8390221fa40000a855e8b6a3fad8

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1L8Xvnh:6uaTmkZJ+naie5OTamgEoKxLWi/h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 365c1191a2a1989cfd4c774f1caf38646a5b8377071f6c2b342bf808813bd9de.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

