General

  • Target

    514477760973b6f808350c583beb6bef823e715c113c1e5c4a9c167451bc07e0.exe

  • Size

    707KB

  • MD5

    3473ba532f0c5734e574866c227c3fba

  • SHA1

    4ceca08359b8c0a841bd6406626d4e3e1d048ab2

  • SHA256

    514477760973b6f808350c583beb6bef823e715c113c1e5c4a9c167451bc07e0

  • SHA512

    81ec4128526607461d99641882af0c0c261c9566fded3fcfbc0443ab1ea6a7a74d6cca331c7519716ee454d51d953e4484d47f33bca987a59177315aee7d1f79

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1u8evnh:6uaTmkZJ+naie5OTamgEoKxLWFAh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 514477760973b6f808350c583beb6bef823e715c113c1e5c4a9c167451bc07e0.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

