General

  • Target

    614d7cf04f92d5583bcc9c735d4186bfcaa0359a5f0e0365cbf9f9d81df61a78.exe

  • Size

    707KB

  • MD5

    d24adeb1fb67abf93f4565341c9cd17c

  • SHA1

    1d3e6b92dc54cd9eb887177491322fa4d902e78d

  • SHA256

    614d7cf04f92d5583bcc9c735d4186bfcaa0359a5f0e0365cbf9f9d81df61a78

  • SHA512

    66ad02b5a698bcac6966669087b9f83d08691d3d48ea5db79979140e18cc13e2c91d780c4dcc39c386c19dbf0855e9115ec157b01114489435d6e6bc79bd3626

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1r8Vvnh:6uaTmkZJ+naie5OTamgEoKxLWSRh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 614d7cf04f92d5583bcc9c735d4186bfcaa0359a5f0e0365cbf9f9d81df61a78.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

