General

  • Target

    5cb261c040f9dace4df8eece7c3f8f77e344ddaf28383d3947695bbffc8c1435.exe

  • Size

    707KB

  • MD5

    758ede9d419081f63aa7ba516768d88b

  • SHA1

    d607dddeb7edc7a33ab7a3d33a6793cb43474373

  • SHA256

    5cb261c040f9dace4df8eece7c3f8f77e344ddaf28383d3947695bbffc8c1435

  • SHA512

    ec4581dd5657f8ddc784f02c09d8b8e8f9318e9d6fc82099974d1bb5ed121044320e1d0a9ea06e1e3ffc43df086001199e9b1d505a0de1d11300a5c1dd62306c

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1F8pvnh:6uaTmkZJ+naie5OTamgEoKxLWoNh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5cb261c040f9dace4df8eece7c3f8f77e344ddaf28383d3947695bbffc8c1435.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

