General

  • Target

    60f0a5e7063caa1555b38539d83c59a1519afb61e12869fe2936a12b06d2522e.exe

  • Size

    707KB

  • MD5

    a79905d01f8b1d34874af215c8e45d29

  • SHA1

    fa517407ad9186c8f475a97c7b0363eeac4d0112

  • SHA256

    60f0a5e7063caa1555b38539d83c59a1519afb61e12869fe2936a12b06d2522e

  • SHA512

    5fcdae38547ffa4ae18bace0b45461143af6072a10986c30b90b663a46effc51394c3b371e1c0d1e844d392ae27bfe2bcd6bfb7e727fca2f4d391e5e4628aff5

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1G8avnh:6uaTmkZJ+naie5OTamgEoKxLWt0h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 60f0a5e7063caa1555b38539d83c59a1519afb61e12869fe2936a12b06d2522e.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

