General

  • Target

    637c778061d24ddeb65d5f3b19a095d06e80ccc49506f6be1e39a8da7cb9ae3a.exe

  • Size

    707KB

  • MD5

    b58a13776b3ee9f7f85d0462328c72f9

  • SHA1

    8de12f63be6362413d392bf0c1edb61aae74086b

  • SHA256

    637c778061d24ddeb65d5f3b19a095d06e80ccc49506f6be1e39a8da7cb9ae3a

  • SHA512

    fec165985582c9e40234214d176aba5788d44b250c85fda2e56518d05b7e8576e1c811b7f817f69fa8e92e4f903d8fa19621c15794624858cb7d7f41554234f1

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1A8avnh:6uaTmkZJ+naie5OTamgEoKxLWL0h

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 637c778061d24ddeb65d5f3b19a095d06e80ccc49506f6be1e39a8da7cb9ae3a.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56


