General

  • Target

    5ddc059ca972fad56e3f40485dd13fda85141d126a05a1a0d5bb704ac8902709.exe

  • Size

    707KB

  • MD5

    b5ff26e0395d5a6483a5d890a9c9b311

  • SHA1

    72b9b1189ab613d76f649317ac59777c50206e3f

  • SHA256

    5ddc059ca972fad56e3f40485dd13fda85141d126a05a1a0d5bb704ac8902709

  • SHA512

    73eb5725ccff1c0aa5926181133552d696bcf50d89a4371077c9832f5b5565a76116e4d0c1a3f7ce81f0d29c610327727d9eee404493fe9af71b9a3760bfa7db

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1l8/vnh:6uaTmkZJ+naie5OTamgEoKxLWYXh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5ddc059ca972fad56e3f40485dd13fda85141d126a05a1a0d5bb704ac8902709.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

