General

  • Target

    4f5c7c7d78f7eb8a0f5c08f542bb6479f3a45cbc0ed8d35ac9cb2f2ea0793e72.exe

  • Size

    707KB

  • MD5

    c268677f2a6d1d62be4b9934542aba62

  • SHA1

    4bb3a47ebe08904da7adca68b47542944410539e

  • SHA256

    4f5c7c7d78f7eb8a0f5c08f542bb6479f3a45cbc0ed8d35ac9cb2f2ea0793e72

  • SHA512

    3c7e1f5fb29850df1610c7cede1a5dd87dde96c96729ace485b2029de88dc637370f2718f0fa612b96cabd04609499468cbc548f3822b2fa5cd0587f5fa0f875

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1k87vnh:6uaTmkZJ+naie5OTamgEoKxLWnrh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4f5c7c7d78f7eb8a0f5c08f542bb6479f3a45cbc0ed8d35ac9cb2f2ea0793e72.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

