General

  • Target

    6dae82f6ff3d38f6f029697742c72b4d17d2c9a88fcf0ef085a21c82abfaa732.exe

  • Size

    707KB

  • MD5

    d5dde6be471427d36fd8c6fadbb0edbf

  • SHA1

    cc7c9e0ec6e42a590d28f6f1a4b1cf29c3096c4e

  • SHA256

    6dae82f6ff3d38f6f029697742c72b4d17d2c9a88fcf0ef085a21c82abfaa732

  • SHA512

    0294e38acfd5fa4a331d0a4b60977108e913aa3cb7574c327b18c8351de51018ae543f055cfdcefe30fdd8f9e23e77b2b4e1606825409118ba36ed9c0fbd0cdf

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza128Cvnh:6uaTmkZJ+naie5OTamgEoKxLWlMh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6dae82f6ff3d38f6f029697742c72b4d17d2c9a88fcf0ef085a21c82abfaa732.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

