General

  • Target

    51a8e6401fb3a9a3ce500662a66299e3df7c9a47df23e470a4aa32e4d60314b4.exe

  • Size

    707KB

  • MD5

    381c0731d3af5fb29d1d07ba29b1a747

  • SHA1

    4c101e7fc3203a98f845abcce55f45f3caed89fe

  • SHA256

    51a8e6401fb3a9a3ce500662a66299e3df7c9a47df23e470a4aa32e4d60314b4

  • SHA512

    44a26772c284e93679e61d85fae232b476a809e11e90c8676a7cbf14d60f3c8a2ec088bdf6249e70bf8ad7208c8785f014bce57223c3ecd599377bb80ac63e15

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1R8Avnh:6uaTmkZJ+naie5OTamgEoKxLWEeh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting the USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 51a8e6401fb3a9a3ce500662a66299e3df7c9a47df23e470a4aa32e4d60314b4.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

