General

  • Target

    5a68d153e7eb0fb893d70397feb0bf5b206c36ee9d68b738a065f6b2eee8f44c.exe

  • Size

    707KB

  • MD5

    2c93c4f4eb831b24b4d8a3721d7b4b0e

  • SHA1

    7fac71a586a527b9323e4eade91475f5918cba1e

  • SHA256

    5a68d153e7eb0fb893d70397feb0bf5b206c36ee9d68b738a065f6b2eee8f44c

  • SHA512

    bc91c8d3bd92bad2a4c2a37548b0f2d8988515c43e2ea4e65c5819fd84420433dd21aa58cadbf9c194fc1532d7690be6f8bf1aeb422ef198a40d44cd1cce4947

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1G8uvnh:6uaTmkZJ+naie5OTamgEoKxLWdwh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5a68d153e7eb0fb893d70397feb0bf5b206c36ee9d68b738a065f6b2eee8f44c.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

