General

  • Target

    6ce257da952add9157780fde32ea1edceadf560b9f59839550cbe474bc8cb4e4.exe

  • Size

    707KB

  • MD5

    2195aeb92b8adcbd53cd2b3ce523b0e7

  • SHA1

    5befbf509a163b545f6bedd365c52925dce2f048

  • SHA256

    6ce257da952add9157780fde32ea1edceadf560b9f59839550cbe474bc8cb4e4

  • SHA512

    d2cca7afb4599cfc95cebaf3d8766f64f5e0ac19dd40740eef0612864e6383bf5d1cfe158f1b384ec7e9e5c11b66014c7b1c4dc25cb48b4ea2892d887563129a

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza1/82vnh:6uaTmkZJ+naie5OTamgEoKxLW+Ih

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoC)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoC)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoC)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoC)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6ce257da952add9157780fde32ea1edceadf560b9f59839550cbe474bc8cb4e4.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

