General

  • Target

    5758de82ebe5347f04dc7011ae896f08754ceb1b550f36b845fae48c4d0a2e48.exe

  • Size

    707KB

  • MD5

    2c64f4d972445c2b6fc6db869f5f2486

  • SHA1

    67c8d25bb68878831c12dbff1d6c7033dcfdcad7

  • SHA256

    5758de82ebe5347f04dc7011ae896f08754ceb1b550f36b845fae48c4d0a2e48

  • SHA512

    7047c5969122ee60ce572929c4fd04d001cfe7fd9f1bf23d864ecfe20f9586bfc5023204e22ae452167a30387cf06d299f8ad2e2560e5623e00d56624abc38de

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1z8evnh:6uaTmkZJ+naie5OTamgEoKxLWaAh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5758de82ebe5347f04dc7011ae896f08754ceb1b550f36b845fae48c4d0a2e48.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

