General

  • Target

    6a3574e290bdf07732b60a2c082f83e638ce22d2707201a567f6ac56523bd1d3.exe

  • Size

    707KB

  • MD5

    54f254a87f9d2dedfd44b5e3bd00ed90

  • SHA1

    09e4339521dff060d6ab07206d6513c96a61d2e5

  • SHA256

    6a3574e290bdf07732b60a2c082f83e638ce22d2707201a567f6ac56523bd1d3

  • SHA512

    b4ba524fdd55cae08313bd76443122bec0de850a1960476ae4fde4726c72681ecc2440a621c9c2ef8c4e872ddaf6462f8b6280fb82a5682f938ff5966667234d

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1H8zvnh:6uaTmkZJ+naie5OTamgEoKxLWuzh

Score
10/10

Signatures

  • Detects command variations typically used by ransomware 1 IoCs
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware 1 IoCs
  • Detects executables containing commands for clearing Windows Event Logs 1 IoCs
  • Detects executables containing many references to VEEAM. Observed in ransomware 1 IoCs
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6a3574e290bdf07732b60a2c082f83e638ce22d2707201a567f6ac56523bd1d3.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

