General

  • Target

    6e95095c8e220c9fb669dc6b7312401f5c868b5d4ce6fb2015a0f57645f610d5.exe

  • Size

    707KB

  • MD5

    7316ce4beacdbf8ef6aaf8522c4e4a1d

  • SHA1

    c4f34ea9a995909f5b49cee845444ea254b20f5b

  • SHA256

    6e95095c8e220c9fb669dc6b7312401f5c868b5d4ce6fb2015a0f57645f610d5

  • SHA512

    f2a6a2653586551665f230a8c53a5c57b5d74b1c5f4591c6bcd05c46fc21acb7bc4cceab722836db98669a8b0b41e59a2343980099fa016ecf5921d5f1a73d68

  • SSDEEP

    6144:wcmwdMZ0aq9arLKkdMqJ+VYg/5ICAAQs+d5zSTamgEoOFzxLza128Lvnh:6uaTmkZJ+naie5OTamgEoKxLWFbh

Score
10/10

Malware Config

Signatures

  • Detects command variations typically used by ransomware (1 IoCs)
  • Detects executables containing anti-forensic artifacts of deleting USN change journal. Observed in ransomware (1 IoCs)
  • Detects executables containing commands for clearing Windows Event Logs (1 IoCs)
  • Detects executables containing many references to VEEAM. Observed in ransomware (1 IoCs)
  • Detects executables embedding registry key / value combination indicative of disabling Windows Defender features (1 IoCs)
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • 6e95095c8e220c9fb669dc6b7312401f5c868b5d4ce6fb2015a0f57645f610d5.exe
    .exe windows:5 windows x86 arch:x86

    2f7da257a3159bdb9faeb823ef872a56

