General

  • Target

    61e0736907eea901719083c8eec4322dbc45033cd2c9825be56be407b9cef0d3.exe

  • Size

    707KB

  • MD5

    524841777410f97fc78dfe0164915a8c

  • SHA1

    99a719e139b2cd731079903f007b4217549dfda5

  • SHA256

    61e0736907eea901719083c8eec4322dbc45033cd2c9825be56be407b9cef0d3

  • SHA512

    937710fb9378113828791148feac0cdb06d13bd148e20aa9537eedda5e09050c70af04ca3d2b105202e00341225cf1d19c63a941979d0292be178998dbac7f4d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1C8gvnh:6uaTmkZJ+naie5OTamgEoKxLWx+h

Score
10/10

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware. (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware. (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 61e0736907eea901719083c8eec4322dbc45033cd2c9825be56be407b9cef0d3.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

