General

  • Target

    5f5d4a60ee06a8686cc22964adfac8df5732a42ff20d8d4b95e65b980eb80e8a.exe

  • Size

    707KB

  • MD5

    d46321d060b8bdb952bea66df7222b7f

  • SHA1

    4ab4567408b92f5d802ac9f955efdc376a7094d7

  • SHA256

    5f5d4a60ee06a8686cc22964adfac8df5732a42ff20d8d4b95e65b980eb80e8a

  • SHA512

    52f80870d540562b394d43070f04ff68cc091c912a06bc73790ad4b7627b69f2200b9cbffd93ef061ebfaa31063470e60ab38bf8fc0ccae17962b4b910de9b4b

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1N8Tvnh:6uaTmkZJ+naie5OTamgEoKxLWITh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5f5d4a60ee06a8686cc22964adfac8df5732a42ff20d8d4b95e65b980eb80e8a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

